An overview of the worldwide EMV cards (2017-2025) report

‘World EMV Cards Consumption Market Report 2017-2025’ is a recent in-depth study that has been conducted to study the current condition of Network as a service in the global market, especially in North America, Europe, South America (SAM), Middle East and Africa (MEA) and Asia Pacific (APAC).

What Do We Know About EMV Cards?

EMV cards are simply smart cards (also known as chip cards or IC cards) that store and authenticate data on integrated circuits. EMV is a globally set security standard based on the chip technology that allows credit, debit and other card payment transactions to take place. Europay, Mastercard, and Visa are the three companies which originally developed the specifications required for the technology. In a world where cyber frauds and hackers are constantly increasing, EMV cards help in authenticating chip-card transactions. Various data breaches and forged card fraud cases have been recorded these past few years and the U.S has resorted to using this new technology to secure the personal data of consumers and business owners.

The Objectives of the ‘World EMV Cards Consumption Market Report 2017-2025’

The ‘World EMV Cards Consumption Market Report 2017-2025’ offers an analysis of the consumer market of EMV cards on a global level along with a detailed segmentation of the market by different types. Experts predict that the consumer market is expected to grow even more with the rising threat in the BSFI industry.

The main objective of this report is to provide a forecast of the market size (up till 2025) of the overall consumption of EMV cards regarding five major regions listed above (APAC, SAM, MEA, North America and Europe). It also evaluates the various dynamics that will affect the consumer market during the forecast period (that is, the restraints, opportunities and future trends) and provides an exhaustive PEST analysis for all of the five regions.

The report also identifies the main EMV cards consumption players that have the potential in influencing the market with their strategies and SWOT analysis. The different EMV consumption market players include Cardzgroup, ABnote, Gemalto, CPI Card, Giesecke & Devrient, Oberthur Technologies, Perfect Plastic Printing, and Versatile Card Technology.

The Increasing Demand for EMV Cards

The latest EMV deployment figures were published by EMVco in June 2016. 35.8% of all chip card transactions, in contact and contactless form, used the EMV chip technology in 2015. Today, it is estimated that over 4.8 billion EMV payment cards are in circulation around the globe, making an increase of approximately 1.4 billion than it was in 2014.

Why Is EMV Important?

Other than making payment processes easier and faster, EMV chip card transactions carry several benefits.

Reducing Fraud and Cyber Threats

Compared to magnetic stripe cards which necessitate a signed paper receipt, EMV chip cards require a PIN (Personal Identification Number). This feature of EMV cards does not only make transactions more secured but also authenticates the processes. Frauds and cybercriminals will no more be able to forge signatures to steal money as the chips contain encryption algorithms. Criminals who would think of creating a similar card will not be successful as the chips in EMV cards cannot be cloned or copied.

Offline Transactions

Thanks to the microprocessors present in EMV cards, users can now perform offline transactions and verifications. If you do not have any access via an online connection to your banking systems, the microprocessors interact with the terminals in the EMV cards to verify and accept PIN codes offline.

Contactless Payment Processes

Mobile wallets and easy banking transactions are becoming famous in the payment industry. EMV chip cards facilitate such transactions by allowing users to “wave their smart-phones over a terminal rather than dipping or tapping a card”.

How Does an EMV Transaction Take Place?

Selecting and Reading Data

Application selection is the first step of an EMV transaction. All product issuers (for example Visa, Mastercard, AEIPS, etc.) have their own application that helps in identifying the type of product. This AID (application identifier) is issued by the ISO/IEC 7816-5 registration authority and contains five bytes that allow the provider to differentiate among various applications.

The terminal then sends the processing options and commands to the card. During this process, the card provides the necessary data elements (from the AFL – Application File Locator) that the terminal needs to read from the card, including lists of files, records, and functions that should be performed while processing the transaction.

All smart cards – including EMV cards – store important data in files using the BER TLV format. Although the EMV does not specify in which files the data is stored, the AFL (Application File Locator) uses a read record command to read all of them. EMV cards are known to define the tag values for all information used during card processing.

Authenticating, Accepting and Declining Transactions

Processing restrictions is another important step of EMV transactions which will determine if the card should be used or not. At this point, three data elements are checked: Application version number, application usage control (to see if the card is meant only for domestic use, etc.) and application expiration dates. In cases where any of these three checks fail, the card is not necessarily declined. The terminal verification results (TVR) is responsible for deciding whether a card is accepted or declined in the transaction flow. It also allows card issuers to grant permission to cardholders to continue using expired cards beyond their expiry dates but perform transactions online.

The offline data authentication then uses a public-key cryptography to check and validate the card. The type of card will determine three different processes:

  • SDA (Static Data Authentication) will ensure that the data read from the card has been signed by the card issuer.
  • DDA (Dynamic Data Authentication) offers protection against cloning and further modifications.
  • CDA (Combined DDA/generate application cryptogram) assures the validity of the card. Although this process is not compulsory, it is carried out in specific markets where both the card and terminal supports it.

The cardholder verification feature evaluates whether the one presenting the card is the legitimate cardholder. This is done through various methods such as signatures, online or offline PINS (plaintext or enciphered). Terminals use different verification methods depending on their configuration, type, and country in which it is used.

The terminal risk management is performed on specific devices to decide if a particular transaction should be allowed to be completed online or offline. The transaction amount is verified against an offline ceiling limit and in cases where the quantity exceeds, then transactions should be processed online.

To determine where a transaction should be approved offline, declined offline or sent for authorization online, various data objects are known as Terminal Action Codes (TACs that are held in the terminal) and Issuer Action Codes (IAC’s are read from the card) are combined. During the terminal action analysis step, online-only devices such as ATM’s usually allow the authorization requests to be completed online except if it is declined by the TACs.

First card action analysis offers the card an opportunity to accept or decline the terminal’s action analysis or force the transaction to be performed online. The card then generates a code that can be easily checked by the card issuer for its genuineness. In the second card action analysis, the terminal sends data to the card to communicate the issuer’s response.

Related articles published in EMV and Smart Payment Cards :

Image: Shutterstock