Professional Documents
Culture Documents
Platne Kartice
Platne Kartice
Uvodno predavanje
Autor
Nenad Suboti
Nenad.subotic@asseco-see.rs
Uvod
Osnovne informacije o platnim karticama i
svim uesnicima u kartinom poslovanju
Tehnika
Pogled iz poslovne (business) perspektive
Sadraj 1/4
Kartiarske organizacije
Banke
Procesori
Trgovci
Proizvoai opreme
Korisnici
Sadraj 2/4
Kartiarke organizacije
VISA
MasterCard
Diners
Amex
DinaCard
Sadraj 3/4
Vendori
Najpoznatiji vendori
Korisnici
Tehnoloka podela platnih kartica
Standardne
Magnetne
Ship (EMV)
Contactless
Sadraj 4/4
Terminalna oprema
Bankomati
POS terminali
Pravilno korienje platne kartice na prodajnom mestu
Opti scenario ATM i POS transakcije
Platne kartice
Payment cards
Plastic cards
Cards
Chip cards
EMV cards
Debit cards
Cash cards
...
Cena gotovine
Kredit
Problem gubljenja gotovine
Mogunost plaanja svuda u svetu
(ogranienje valuta)
Za trgovce
Mnogo sigurnije od ekova
Oekivano vea potronja u odnosu na ke
Lake upravljanje sredstvima
Za banku
Smanjuje trokove poslovanja sa gotovinom
Najbolje sredstvo za cash kredite
Obezbeuju zaradu od issuinga i acquiringa
Broj bankomata
oko 1.800.000 (atmia)
Kartiarske organizacije
Banke
Procesori
Trgovci
Proizvoai opreme
Korisnici
Uloge
Kartiarske organizacije
Najpoznatije kartiarske organizacije su:
VISA
MasterCard (MC)
Diners
American Expres (Amex)
Discovery
JCB
DINA (nasionalna platna kartica)
...
VISA
MasterCard
Diners
American Expres
American Express Company (NYSE: AXP), sometimes known as
"AmEx" or "Amex", is a diversified global financial services
company that is headquartered in New York City. Founded in 1850,
it is one of the 30 components of the Dow Jones Industrial Average.
The company is best known for its credit card, charge card, and
traveler's cheque businesses. Amex cards account for approximately
24% of the total dollar volume of credit card transactions in the US,
the highest of any card issuer.[1][2]
BusinessWeek and Interbrand ranked American Express as the 22nd
most valuable brand in the world, estimating the brand to be worth
US$14.97 billion.[3] Fortune listed Amex as one of the top 30 Most
Admired Companies in the World.[4] The New York Times reports it
has a 91% Satisfaction rank
DinaCard
DinaCard platna kartica je nacionalna platna kartica.
Osnovana 2003 godine u saradnji NBS i poslovnih
banaka. Do sada je izdato 2,4 miliona DinaCard kartica.
Mogu se koristiti na najveoj prihvatnoj mrei u zemlji,
koja se sastoji od preko 57.000 POS terminala na
prodajnim mestima i vie od 2.700 bankomata. Nakon
pet godina poslovanja, DinaCard sistem je uspeo da
zauzme treinu trita platnih kartica u zemlji, uz
neprekidan rast broja izdatih kartica, broja transakcija i
prometa. DinaCard sistem ini 31 banka, od kojih 26
aktivno izdaje DinaCard karticu, i sedam procesorskih
kua. 23 banke, pored debitne, izdaju i kreditnu
DinaCard karticu.
Tipovi licenci
NPR. VISA razlikuje vie tipova lanstva (membera)
Acquirer
Associate
ATM Acquirer
Disbursing Member
Group Member
Issuer
Merchant Bank
Participant
Plus Program Participant
Principal
Visa Acquirer
Visa Electron Acquirer
Visa Electron Issuer
Visa Issuer
Prava i obaveze
U zavisnosti od tipa licence koju poseduje, banka
ima prava i obaveze
NPR. Principali VISA-e u Srbiji
Banke
Issuing bank (banka izdavalac)
Banka koja ima licencu za izdavanje kartica
(ugovor sa kartinom organizacijom)
DINA
Skoro sve
VISA
MasterCard
Banca Intesa Beograd
Komercijalna Banka
OTP Banka
Amex
Banca Intesa Beograd
Diners
Diners Srbija
Procesori 1/2
Kompanije koje obezbeuju tehnike uslove za
korienje i obradu platnih kartica
Procesori omoguavaju vezu izmeu banke i
kartine organizacije
Svaka banka Acquirer sertifikuje svog procesora kod
kartine organizacije
Banka moe imati samo jednog procesora za prihvat
kartica na Bankomatima ili EFT POS terminalima za
jednu kartinu organizaciju
Banka moe imati samo jednog procesora koji je
registrovan za izdavanje kartica te banke za jednu
kartinu organizaciju
Procesori 2/2
Svaki procesor mora biti registrovan kod kartinih organizacija
Da bi se registrovao, procesor mora da proe sertifikaciju sa barem
jednom principal bankom
Sertifikacija je proces u kome procesor radi niz testova sa kartinom
organizacijom koji treba da pokau da procesor potuje sve
protokole i procedure propisane od strane kartine organizacije za
obavljanje procesinga za issuing i acquiring
Poznati procesori u naem regionu
Banka Procesor
Svaka Banka koja je principal ima mogunost da
sama obavlja posao procesinga
Sertifikacija banke radi se na isti nain kao
sertifikacija procesora
Primer banakaka koje rade tzv In house
procesing:
Trgovci
Merchant, neko ko prodaje robu ili uslugu koju je
proizveo neko drugi, termin koji koriste sve
kartie organizacije
Trgovci potpisuju ugovore o prihvatu platnih
kartica iskljuivo sa bankama, a banke su u
obavezi pred kartinim organizacijama da
garantuju za svakog svog trgovca
Banke obavezuju trgovce da potuju pravila i
procedure propisane od strane kartinih
organizacija
Airline
Car Rental Company
Cash Disbursement Merchant
Cruise Line
Electronic Commerce Merchant
High-Risk Telemarketing Merchant
Hotel
International Airline
In-Transit Service Gambling Merchant
In-Transit Service Merchant
Mail/Phone Order Merchant
Prepaid Card Merchant
Quasi-Cash Merchant
Recurring Services Merchant
Retail Merchant
Single Merchant
T&E Merchant
Timeshare Merchant
Wire Transfer Merchant
Najpoznatiji vendori
ATM
NCR
Wincor Nixdorf
Diebold
EFT POS
Ingenico
Hypercom
Verifone
Host software
ACI (base 24)
Tieto Enator
Compass plus
Kartice
Gemalto
Austria Card
Oberthur
Security (HSM)
Thales e security
Korisnici
Standardne
Standardne plastine kartice su kartice koje su
egzistirale samo u okviru lokalnih trita jer su
ih izdavale firme i to najee za potrebe
plaanja telefonskih razgovora...
Magnetne
Kartice sa magnetnom trakom sadre na sebi
tri staze: za identifikaciju emitenta kartice,
broja rauna i vlasnika rauna (PIN - ifra), dok
su upisani podaci podloni spoljnim uticajima,
mogu biti promenjeni, izbrisani ili oteeni
Chip (EMV)
Smart kartica (Smard Card) je plastina kartica,
koja je po izgledu slina obinim kreditnim ili
debitnim karticama, ali za razliku od njih
poseduje jedan novi detalj integrisano kolo
ili ip na kome se nalazi procesor (pomou
koga se omoguavaju razna izraunavanja
direktno na kartici) i memorija
Contactless
Contactless kartice su u osnovi magnetne ili
ip kartice koje imaju antenu koja im
omoguava plaanje na specijalizovanim
terminalima bez kontakta
ISO/IEC 7810:2003
ISO/IEC 7810:2003/Amd 1:2009
Usage
ID-1
ID-2
105 74 mm
ID-3
125 88 mm
ID-000 25 15 mm
SIM cards
ID-1 fromat
The ID-1 format specifies a size of 85.60 53.98 mm (3.370 2.125 in). It
is commonly used for banking cards (ATM cards, credit cards, debit cards,
etc.). Today it is also used for driving licences in many countries (including
the United States, Brazil, Canada, Australia, New Zealand, Norway, and
European Union countries). This format is also used as a personal identity
card in some other countries like Belgium, Bulgaria, Chile, Croatia,
Pakistan, Peru, Brazil, Poland or Switzerland, in retail loyalty cards, and it is
one fairly common format for business cards. The United States passport
card also uses the ID-1 format.
ISO/IEC 7813 defines additional characteristics of ID-1 plastic banking
cards, for example a thickness of 0.76 mm and corners rounded with a
radius of 3.18 mm.
ISO/IEC 7811 defines traditional techniques for recording data on ID-1
identification cards, namely embossed characters and several different
magnetic recording formats.
ISO/IEC 7816 defines ID-1 identification cards with an embedded chip
(smartcard) and contact surfaces for power, clock, reset and serial-data
signals.
ISO/IEC 7813
ISO/IEC 7813 is a standard that defines
properties of financial transaction cards [1], eg
ATM or credit cards.
The standard defines:
physical characteristics, eg size, shape, location of
magnetic stripe etc
magnetic track data structures
ISO/IEC 7813
Physical characteristics
ISO/IEC 7813
Magnetic Strype 1/2
Track 1
ISO/IEC 7813
Magnetic Strype 2/2
Track 2
The Track 2 structure is specified as:
STX : Start sentinel ";"
PAN : Primary Account Number, up to 19 digits, as defined in
ISO/IEC 7812-1
FS : Separator "="
ED : Expiration date, YYMM or "=" if not present
SC : Service code, 3 digits or "=" if not present
DD : Discretionary data, balance of available digits
ETX : End sentinel "?"
LRC : Longitudinal redundancy check, calculated according to
ISO/IEC 7811-2
ISO/IEC 7816
ISO/IEC 7816 is an international standard related
to electronic identification cards with contacts,
especially smart cards, managed jointly by the
International Organization for Standardization
(ISO) and the International Electrotechnical
Commission (IEC).
It is edited by the Joint technical committee (JTC)
1 / Sub-Committee (SC) 17, Cards and personal
identification.
The following describes the different parts of this
standard.
EMV is a standard for interoperation of IC cards ("Chip cards") and IC capable POS terminals and
ATMs, for authenticating credit and debit card payments. The name EMV comes from the initial
letters of Europay, MasterCard and VISA, the three companies that originally cooperated to develop
the standard. Europay International SA was absorbed into Mastercard in 2002. JCB (formerly Japan
Credit Bureau) joined the organization in December 2004, and American Express joined in February
2009. IC card systems based on EMV are being phased in across the world, under names such as "IC
Credit" and "Chip and PIN".
The EMV standard defines the interaction at the physical, electrical, data and application levels
between IC cards and IC card processing devices for financial transactions. Portions of the standard
are heavily based on the IC Chip card interface defined in ISO/IEC 7816.
The system is not compatible with the original Carte Bancaire smart cards systematically deployed
in France since 1992. However, the French Carte Bancaire now also uses the EMV standard.
The most widely known implementations of EMV standard are:
VSDC - VISA
MChip - MasterCard
AEIPS - American Express
J Smart - JCB
Visa and MasterCard have also developed standards for using EMV cards in devices to support cardnot-present transactions over the telephone and Internet. MasterCard has the Chip Authentication
Program (CAP) for secure e-commerce. Its implementation is known as EMV-CAP and supports a
number of modes. Visa has the Dynamic Password Authentication (DPA) scheme, which is their
implementation of CAP using different default values.
VSDC - VISA
MChip - MasterCard
AEIPS - American Express
J Smart - JCB
Visa and MasterCard have also developed standards for using EMV
cards in devices to support card-not-present transactions over the
telephone and Internet. MasterCard has the Chip Authentication
Program (CAP) for secure e-commerce. Its implementation is known
as EMV-CAP and supports a number of modes. Visa has the
Dynamic Password Authentication (DPA) scheme, which is their
implementation of CAP using different default values.
PCI DSS
Terminalna oprema
Bankomat
Raunar sa periferijama za:
Izdavanje novca
tampanje rauna
Monitor, tastatura, komunikacija
Oklopljeno kuite sa sefom
POS terminal
Elektronski ureaju koji omoguavaju prihvat
(plaanje) platnih kartica na prodajnom mestu
Operacije:
Prikupljanje podatke sa kartice i iznosa transakcije
Povezivanje (telefonski, GPRS, Ethernet) na banku
prihvatioca
Po dobijanju odobrenja tampanje rauna
transakcije
MI ZNAMO
sve o karticama
Scenario transakcije
Banka izdavalac - issuer
Banka
prihvatilac acquirer
MI ZNAMO
sve o karticama
Sledee predavanje
Tehnike Komponente sistema (POS, ATM,
Host, Front Office, Back office, CMS, Server
banke, ....)
Protokoli (NDC, DDC, ISO 8583, Hyperom ISO
8583...)
Primeri transakcija POS & ATM
Osnovne informacije o ATM i POS terminalima
Rezime
(ta smo nauili)