EMVCo White Paper On Contactless Mobile Payment 20110921111857912

EMV*
Contactless Mobile Payment
EMVCo White Paper on Contactless

Mobile Payment
Version 2.0
September 2011
EMV is a registered trademark in the U.S. and other countries and an unregistered
trademark elsewhere. The EMV trademark is owned by EMVCo.
2011 EMVCo, LLC (EMVCo). All rights reserved. Any and all uses of the EMV Specifications
(Materials) shall be permitted only pursuant to the terms and conditions of the license agreement
between the user and EMVCo found at http://www.emvco.com/specifications.aspx.
EMV
EMVCo White Paper on Contactless

Mobile Payment
Version 2.0
September 2011
2011 EMVCo, LLC (EMVCo). All rights reserved. Any and all uses of the EMV Specifications
(Materials) shall be permitted only pursuant to the terms and conditions of the license agreement
between the user and EMVCo found at http://www.emvco.com/specifications.aspx.
EMV Contactless Mobile Payment

EMVCo White Paper on Contactless Mobile Payment

Contents
1
Executive Summary............................................................................................. 1
References ........................................................................................................... 3
Contactless Mobile Payment Overview ............................................................. 5
3.1
History........................................................................................................... 5
3.2
Meeting These Goals.................................................................................... 6
3.3
Principles ...................................................................................................... 9
EMVCo Technical Work and Perspective ........................................................ 11

4.1
Contactless Mobile Payment Applications .................................................. 11
4.2
Application Choice and Activation .............................................................. 11
4.3
CMP Application Lifecycle .......................................................................... 12
4.4
Payment Terminals Supporting Contactless Mobile Payment .................... 12
4.5
Secure Elements ........................................................................................ 13
4.6
Personalisation and Provisioning of CMP Applications .............................. 14
4.7
Contactless Communication Modules ........................................................ 15
4.8
Mobile Device Requirements to Support CMP ........................................... 15
Type Approval .................................................................................................... 17

5.2
Mobile Handsets ......................................................................................... 17
5.3
Secure Elements ........................................................................................ 18

5.3.1
5.3.2
Security Evaluation ......................................................................... 18

Functional Evaluation ...................................................................... 18
5.4
CMP Applications ....................................................................................... 19
5.5
Contactless Mobile Payment Terminal Approval ........................................ 19
Looking Forward................................................................................................ 21
Annex A
Summary of Contactless Mobile Payment Areas .............................. 23
Annex B
Frequently Asked Questions ............................................................... 25
Annex C
Actions Taken in Response to Areas Defined in the

Technical Issues and Position Paper ................................................. 27
Annex D
Glossary ................................................................................................ 35
September 2011
v 2.0
Page iii
2011 EMVCo, LLC (EMVCo). All rights reserved. Any and all uses of the EMV Specifications (Materials) shall be
permitted only pursuant to the terms and conditions of the license agreement between the user and EMVCo found at
http://www.emvco.com/specifications.aspx.

Figures
Figure 1 Simplified Architecture and Areas of Interest ............................................. 8
Figure 2 Simplified Provisioning Architecture ......................................................... 14
Tables
Table 1 Areas Addressed by EMVCo and Other Specification Bodies................... 23
Table 2 Frequently Asked Questions .....................................................................25
Table 3 EMVCo Actions Based on Areas of Work Identified in
Technical Issues and Position Paper ......................................................... 27
Page iv
v 2.0
September 2011

Executive Summary
In 2007 EMVCo published two white papers. The first paper, The Role and Scope of
EMVCo in Standardising the Mobile Payments Infrastructure (1) identified the mobile
landscape at the time, and outlined the role and scope of EMVCos involvement in
the standardisation of Contactless Mobile Payment within this landscape. This
involvement was structured around two main areas: Technical Development and
Industry Co-ordination. The second paper, the Technical Issues and Position Paper
(2), highlighted a number of technical issues that EMVCo had identified as requiring
solutions in order to enable the wide scale deployment of Contactless Mobile
Payment, and EMVCos planned actions in addressing these issues.
In the four years since EMVCo set out this vision, there has been significant
movement in the industry. EMVCo has published a number of documents, and other
industry bodies have also been active in the standardisation of technologies and
services related to Contactless Mobile Payment.
Toward meeting the goals of providing technical development and industry
co-ordination, EMVCo has published the following technical documents:
Contactless Mobile Payment Architecture Overview (3) provides an architecture

and context for other EMVCo mobile documents
Handset Requirements for Contactless Mobile Payment (4) provides guidance to

the industry regarding features required for supporting Contactless Mobile
Payment capabilities.
Application Activation User Interface Overview, Usage Guidelines, and PPSE

Requirements (5) defines how to configure a mobile device supporting multiple
Contactless Mobile Payment applications to reflect the users choice and
preferences.
EMV Profiles of GlobalPlatform UICC Configuration (6) specifies a number of

profiles for GlobalPlatform based UICCs which have been agreed upon by
members of EMVCo.
This white paper provides an updated view of the Contactless Mobile Payment
landscape, setting out EMVCos current position and detailing how the issues
identified previously have been addressed. It also identifies where EMVCo has
on-going work in Contactless Mobile Payment, and highlights areas in which other
industry bodies are providing input.
September 2011
v 2.0
Page 1
1 Executive Summary
Page 2

v 2.0
September 2011

References
The following documents are referenced in this white paper. All are available on
www.emvco.com.
1
EMV Mobile Contactless Payment: White Paper: The Role and Scope of
EMVCo in Standardising the Mobile Payments Infrastructure. Version 1.0,
2007.
EMV Mobile Contactless Payment: Technical Issues and Position Paper.

Version 1.0, 2007.
EMVCo Contactless Mobile Payment: Contactless Mobile Payment

Architecture Overview. Version 1.0, 2010.
EMV Contactless Mobile Payment: EMVCo Handset Requirements for

Contactless Mobile Payment. Version 1.0, 2010.
EMVCo Contactless Mobile Payment: Application Activation User Interface

Overview, Usage Guidelines, and PPSE Requirements. Version 1.0,
2010.
EMVCo Contactless Mobile Payment: EMV Profiles of GlobalPlatform

UICC Configuration. Version 1.0, 2010.
EMV Contactless Specifications for Payment Systems. Book C-1. Kernel 1

Specification. Version 2.1, 2011.


10

11
EMV Contactless Specifications for Payment Systems. Book D. EMV

Contactless Communication Protocol Specification. Version 2.1, 2011.
12
EMV Card Personalization Specification. Version 1.1, 2007.
13
EMVCo Card Testing Framework for Contactless. Version 1.0, 2010.
14
EMV Security Guidelines. EMVCo Security Evaluation Process.

Version 4.0, 2010.
September 2011
v 2.0
Page 3
2 References
Page 4

v 2.0
September 2011

Contactless Mobile Payment Overview
The increasing rate of convergence between the mobile telecommunications and

payments industries has led mobile payments to become a growing industry sector in
recent years.
All actors within the value chain are set to benefit from the wide-scale deployment of
mobile payments: the financial community, merchants, network operators, technology
providers, and consumers. These benefits are set to increase as mobile payment
programmes evolve beyond the medium term reality of mass market contactless
mobile payment.
3.1
History
In 2007, after analysis and vetting with its stakeholders, EMVCo decided that its role
in Contactless Mobile Payment standardisation is two-fold. Firstly, with the growth of
the contactless mobile payment sector, there was a need for EMVCo to address and
resolve a number of technical infrastructure issues associated with enabling
contactless payments via mobile phone handsets. This technical development
responsibility was in line with EMVCos traditional role within the payments industry
as a technology standards body. The mobile payment technical focus of EMVCo
would be an adjunct to the organisations work towards the development of
specifications related to contactless payment and the associated common Type
Approval process for cards and terminals.
Secondly, due to the nature and early lifecycle stage of the contactless mobile
payment market there was a need for the payments industry to adopt a collaborative
approach to standardisation. EMVCo would co-ordinate the payments industry
efforts, in standardisation work with other industry groups and market forces in order
that an interoperable contactless mobile payment model for EMV transactions could
be defined and created. EMVCo would provide the common voice of the payments
industry on contactless mobile proximity payment standardisation.
EMVCos role within the standardisation of contactless mobile payment could be
classified under two headings and broken down into a number of key deliverables:
September 2011
v 2.0
Page 5
3 Contactless Mobile Payment Overview

Technical Development:
To define chip data security requirements
To define a framework for Type Approval process
To define global interoperability between Contactless Mobile Payment

devices and payment acceptance infrastructure from a technical perspective
To identify user interface issues
Industry Co-ordination
To standardise contactless mobile proximity payment infrastructure

requirements
To fill in gaps which exist in the standardisation of Over-the-Air (OTA) card

and application management (for both secure elements and user interface
applications)
To actively engage relevant standards organisations in order to ensure EMV

involvement in the standardisation for contactless mobile payment
To speak with a common voice to vendors, operators, banks, and merchants

about contactless mobile payment opportunities, challenges, and the need for
standardisation.
Throughout the process of working towards the creation of a global interoperable

contactless mobile payment infrastructure for EMV transactions, EMVCo has
solicited feedback on its role from the payments industry in order to remain relevant
to, and representative of, the sector.
3.2
Meeting These Goals
In this environment, EMVCo identified the need for common specifications and
common platforms in order to prevent fragmentation, which could in turn become a
barrier to the widespread deployment of Contactless Mobile Payment (CMP). It was
also recognised that mobile devices are not primarily financial instruments. Mobile
devices are primarily communication devices, but are increasingly becoming
multipurpose devices with the advent of location services and the myriad mobile
applications (apps) which are now available. The requirements for CMP are just
one set of requirements which must be balanced with the needs of other application
areas for mobile devices, and it is important for EMVCo to work with the wider mobile
industry in defining specifications and requirements.
Page 6
v 2.0
September 2011

It was also clear that the lifecycles of mobile devices are significantly different from
those of payment smart cards. This is the case both in the development timescales
and the time in market. In order for the financial industrys requirements for CMP to
be met by mobile devices it is important that the impact on the mobile device
development lifecycle is minimised. This involved developing pragmatic approaches
to type approval and testing which meet the needs of both the financial and mobile
industries.
In order to identify the areas in which further work was necessary, EMVCo developed
a reference framework for CMP, which has been published in the Contactless Mobile
Payment Architecture Overview (3). That document identified the following areas of
interest in specification work:
Contactless Mobile Payment applications
CMP application choice and activation
CMP application lifecycle maintenance
Secure Elements
Personalisation and provisioning of Contactless Mobile Payment
Contactless communication modules
Mobile device requirements to support CMP
Contactless payment terminals supporting Contactless Mobile Payment
These are illustrated in Figure 1 below.
September 2011
v 2.0
Page 7

Figure 1 Simplified Architecture and Areas of Interest
Mobile Device
Provisioning and
Personalisation
Wide Area
Modem
Application Environment
User Interface
Application
CMP Application
Lifecycle
Maintenance
Secure Element
CMP
Application
Contactless
Communication Module
Contactless Payment
Terminal
This white paper provides more detail regarding EMVCos position with respect to
each of these areas.
Page 8
v 2.0
September 2011

3.3
Principles
Before starting contactless mobile payment technical development and liaison

activities, EMVCo developed and vetted a set of principles to guide its efforts. These
principles include:
A mobile device may support multiple contactless mobile payment

applications from multiple financial issuers and carrying different brands.
The user determines which payment instrument is to be used for a

transaction.
EMVCo does not mandate a particular Secure Element architecture or policy,

but seeks to provide flexibility in order to allow the deployment the most
appropriate solution for a particular market.
Where possible EMVCo will make use of industry specifications rather than
defining new specifications.
EMVCo will seek to make use of industry type approval programmes for
qualification of mobile devices.
Contactless Mobile Payment must be compatible with existing EMVCo based

contactless payment infrastructure.
September 2011
v 2.0
Page 9

Page 10
v 2.0
September 2011

EMVCo Technical Work and Perspective
Using EMVCos documented Contactless Mobile Payment architecture as a base,

the following sections provide a summary of EMVCos development activities. Where
EMVCo has not developed specific deliverables this section provides perspective on
the standardisation efforts of other organisations.
Further details of how EMVCo has addressed the areas identified in the Technical
Issues and Position Paper (2) are given in Annex C.
4.1
Contactless Mobile Payment Applications
The heart of a Contactless Mobile Payment transaction is the CMP application. The
definition of the CMP applications is the role of each of the payment systems.
Likewise CMP application approval, both functional and security, is the responsibility
of the payment systems.
Although EMVCo does not define the CMP application itself, the focus of the EMVCo
work is to define a common environment to enable the use of CMP applications. As
per the architecture in Figure 1 above, CMP applications must reside within a Secure
Element in the mobile device, and this Secure Element may be shared with other
applications both CMP and non-payment applications. The EMV specifications
enable the co-existence of this multiplicity of applications.
4.2
Application Choice and Activation
To enable the user to choose the desired application to be used for a CMP
transaction, EMVCo has developed the Application Activation User Interface
specification (5). That specification defines how a user interface may gather
information about the CMP applications present on a device in order to enable the
user to select the application that he or she wishes to use for a transaction.
The specification also covers the method by which the user interface application may
configure the mobile device in order that a contactless POS terminal will initiate a
payment transaction with the users chosen application. The primary means by which
this is done is through the Proximity Payment System Environment (PPSE). While
the location of the PPSE within the mobile device is implementation specific, the
Application Activation User Interface specification includes the specification of the
PPSE application when implemented on a Secure Element.
September 2011
v 2.0
Page 11
4 EMVCo Technical Work and Perspective

4.3
CMP Application Lifecycle
Throughout the life of an EMVCo based CMP application there may be a need to
reset application counters and modify parameters within the application. EMVCo
regards this as a CMP application concern, and therefore the responsibility of the
individual payment systems.
4.4
Payment Terminals Supporting Contactless

Mobile Payment
The mobile phone offers a rich platform for interaction between a user and a CMP
application during and surrounding a CMP transaction. Examples of such interactions
include display of branding, transaction information, and entry of a confirmation code
on the mobile device. Use of these features may require additional functionality in
contactless payment terminals, beyond that which is required for acceptance of
contactless cards.
It is important that CMP applications are able to work (possibly with reduced
functionality) on deployed terminals; however, support of the advanced payment
capabilities of CMP requires existing terminals to be updated. From an EMVCo
perspective, the features being added to support CMP (such as application choice)
are backward compatible with deployed contactless payment terminal infrastructure.
In order to provide interoperability between Contactless Mobile Payment and existing
card payment, both contactless payment terminals and mobile devices supporting
CMP are required to implement the Contactless Communication Protocol
Specification (11) which is also applicable to contactless payment cards.
EMV Contactless Specifications for Payment Systems, Books C-n (7) (8) (9) (10)
define the latest terminal specifications which implement any CMP specific features
from each of the payment systems.
The result of this is that EMVCo will not define new type approval processes for
Contactless Payment Terminals supporting CMP but will follow the standard EMVCo
terminal approval procedures.
Page 12
v 2.0
September 2011

4.5
Secure Elements
Security is important to Contactless Mobile Payment applications, just as it is to card

based payment applications. From an EMVCo perspective, security of CMP should
be at the same level as the security of card products. In order to support this security
requirement, a CMP application must reside in a Secure Element. A Secure Element
is a tamper resistant module capable of hosting applications in a secure manner.
There are a number of options for Secure Elements, including amongst others,
embedded Secure Elements, UICCs (SIMs), microSD, and accessories, each of
which may be based on differing hardware, firmware, operating systems, and
platforms.
EMVCo does not have a requirement or preference for any particular architectural
option or platform, nor does it set requirements around the number of Secure
Elements which are available in a mobile device. Where certain options are widely
deployed, EMVCo may develop work items around a particular platform in order to
facilitate interoperability and co-existence of CMP applications on deployments of
that platform. These work items do not imply an EMVCo requirement that such a
platform be used.
EMVCos specifications around CMP have been developed to be able to support
multiple, simultaneously enabled Secure Elements in a mobile device. Whilst EMVCo
encourages flexibility in the architecture, no particular policy for the number and
activation of Secure Elements is mandated. For example, deployments with a single
active Secure Element are covered by the EMVCo specifications.
Historically, payment cards have been owned by a single issuing bank, typically
carrying a single payment brand. There has been flexibility for payment systems and
issuers to define the requirements on the functionality, configuration, and security
requirements of the card. In the deployment of CMP, multiple CMP applications,
potentially from multiple issuing banks, and carrying multiple payment brands, may
co-exist on the same mobile device. As the number of Secure Elements available in
a mobile device is limited, a Secure Element may host multiple CMP applications. If
payment systems and issuers place incompatible requirements on the Secure
Element, this will fragment the market. In order to avoid this situation, EMVCo has
been addressing common requirements for Secure Elements.
EMVCo has published EMV Profiles of GlobalPlatform UICC Configuration (6), which
uses the GlobalPlatform UICC profile as a basis. EMVCo is preparing a similar profile
for non-UICC GlobalPlatform based Secure Elements, and may consider further
profiles for other widely deployed platforms.
September 2011
v 2.0
Page 13

4.6
Personalisation and Provisioning of CMP

Applications
Installing a CMP application on a mobile device (provisioning) and personalising a

CMP application with data specific to the user is an essential step in the deployment
of Contactless Mobile Payment. There are a number of elements to provisioning and
personalisation. A simplified diagram of the actors is shown in Figure 2.
Figure 2 Simplified Provisioning Architecture
Issuer
Trusted
Service
Manager
Mobile Device
Secure
Element
Although EMVCo had identified this as a gap where work was needed, there has
been ongoing work within the industry to address this area. For example,
GlobalPlatform is defining a messaging specification for the management of MobileNFC Services, and the Association Franaise du Sans Contact Mobile (AFSCM) has
written an interface specification which has been contributed to GlobalPlatform. As
the industry has been addressing these issues, EMVCo will not define the interface
between an issuing bank and a Trusted Service Manager (TSM).
Likewise EMVCo will not define the interface between the TSM and the mobile
device or Secure Element for provisioning and personalisation. The EMV Card
Personalisation Specification (12) may be used as part of the personalisation
process, but is not required by EMVCo.
The GlobalPlatform specifications define mechanisms for personalisation which are
appropriate to GlobalPlatform based Secure Elements. As Secure Elements may be
shared by multiple CMP applications, the EMV Profiles of GlobalPlatform UICC
Configuration specification (6) defines a standard environment into which CMP
applications can be provisioned which is acceptable to the payment systems which
are EMVCo members. EMVCo does not mandate the use of these profiles, but
Secure Elements which make use of these profiles may be qualified through the
EMVCo Compliance programme.
Page 14
v 2.0
September 2011

The Application Activation User Interface specification (5) defines how a Secure
Element Contactless Management system should be configured during
personalisation and provisioning in order to support the co-existence of multiple CMP
applications on one mobile device and in particular the use of the GlobalPlatform
Contactless Registry Service (CRS).
4.7
Contactless Communication Modules
The Contactless Communication Module is responsible for the implementation of the

digital and analogue contactless protocol for the mobile device implementing CMP.
For interoperability between CMP applications and the acceptance infrastructure to
support contactless cards, Contactless Communication Modules are required to
conform to the EMV Contactless Communication Protocol Specification (CCPS) (11)
defined by EMVCo.
EMVCo members have worked with the NFC Forum to ensure that the NFC Forum
specifications are compatible with the CCPS, and that devices implementing the NFC
Forum specifications may also meet the requirements of the CCPS.
4.8
Mobile Device Requirements to Support CMP
Mobile devices support a large number of features, and these vary between devices.
To support a wide scale deployment of CMP across multiple models of devices, it is
helpful if there is a minimum set of core features supported across the board.
In order to provide guidance to the mobile industry about what features are required
for CMP, and also areas in which development work would be helpful, EMVCo has
published Handset Requirements for Contactless Mobile Payment (4). The intent of
that document is to provide the industry with direction around CMP, and unless the
same requirements are identified elsewhere within EMVCo documentation, EMVCo
will not be testing the support of those requirements as part of an approvals
programme.
September 2011
v 2.0
Page 15

Page 16
v 2.0
September 2011

Type Approval
EMVCo has for many years offered an extensive type approval programme for
terminals, and since 2007, for chips and CCD/Common Payment Application cards.
In evaluating the role EMVCo should play in type approval for mobile, two particular
areas have been taken into consideration.
1. Mobile industry development cycles: The mobile industry has rapid and time
constrained releases, and it is important that an EMVCo type approval
programme for Contactless Mobile Payment does not negatively impact the
industrys development cycles.
2. Sharing of platforms between issuers and brands: Whereas cards are
typically under the control of a single issuer supporting a single payment
system brand, mobile handsets and Secure Elements may be shared
between multiple issuers and payment brands.
5.2
Mobile Handsets
The mobile industry has a large number of new products being put on the market
each year, and has rapid and time constrained releases. In order to meet the
requirements of the mobile industry, EMVCo will work with other mobile compliance
bodies in order to establish compliance of the Contactless Communication Modules
of mobile devices with the CCPS. EMVCo has a liaison with the NFC Forum which
has recently launched a compliance programme, and is exploring other bodies which
may also be appropriate in this area. The requirements and processes for a form of
EMVCo accreditation in this area are being established.
In the interim a mobile handset may be submitted for Contactless Level 1 evaluation
under the EMVCo Card Testing Framework for Contactless (13).
September 2011
v 2.0
Page 17
5 Type Approval
5.3
5.3.1

Secure Elements
Security Evaluation
The EMVCo security evaluation programme (described in EMV Security Guidelines

EMVCo Security Evaluation Process (14)) has recently been expanded from chips at
the silicon level and issuance of IC (security) Certificates, to also cover the multiapplication platforms at the operating system level and issuance of Platform
(security) Certificates.
The Secure Elements used for CMP will be shared with non-payment applications,
which may have differing security requirements. As applications may come from
different providers, and may be deployed across different Secure Elements, there is
an industry need for a security evaluation methodology which allows for evaluations
of components (e.g. silicon, operating system, applications) by different laboratories
to be combined into an evaluation of the overall product (i.e. silicon + operating
system + applications). EMVCo has worked through liaison relationships with
GlobalPlatform and the GSM Association to help develop the GlobalPlatform
Composition Model for Security Evaluation. EMVCo will incorporate the Composition
Model into the EMVCo security evaluation process in the future.
5.3.2
Functional Evaluation
EMVCo type approval covers functionality defined in the Application Activation User
Interface specification (5). Where a Secure Element implements the mobile PPSE
and/or Secure Element Contactless Management as defined in the Application
Activation User Interface specification, the PPSE and/or Secure Element Contactless
Management implementation may be submitted for EMVCo testing and type approval
In order to issue an EMVCo Letter of Compliance, EMVCo will require both a
successful functional evaluation of the PPSE and/or Secure Element Contactless
Management implementation and a successful security evaluation of the Platform.
EMVCo has a liaison with GlobalPlatform and has developed PPSE and Secure
Element Contactless Management implementation guidelines for GlobalPlatform
based Secure Elements.
EMVCo type approval recognizes the GlobalPlatform Compliance Program. In order
to be recognized by EMVCo as a GlobalPlatform compliant Secure Element, the
Secure Element provider must select a GlobalPlatform Qualified Laboratory that is
also an EMVCo Accredited Laboratory and pass GlobalPlatform testing
requirements. EMVCo will review the GlobalPlatform Letter of Qualification in
conjunction with the test results of the PPSE and/or Secure Element Contactless
Management (GlobalPlatform Contactless Registry Service) implementation and the
Platform security evaluation before issuing an EMVCo Letter of Compliance.
Page 18
v 2.0
September 2011

5.4
5 Type Approval
CMP Applications
Functional and security evaluation of CMP applications is not covered by EMVCo

and remains the responsibility of individual payment systems.
5.5
Contactless Mobile Payment Terminal Approval
Support for Contactless Mobile Payment has been included in the EMVCo terminal
specifications, and will be type approved in the EMVCo Terminal Type Approval
Programme.
September 2011
v 2.0
Page 19
5 Type Approval
Page 20

v 2.0
September 2011

Looking Forward
There has been considerable progress in the area of Contactless Mobile Payment
since EMVCo first began to consider the area. The market has moved from regarding
CMP as a potentially interesting area to a position where CMP is ready for
commercial deployment. The specifications required to deploy interoperable CMP are
in place.
This does not mean that all issues around CMP deployment are fully defined. There
remain many deployment options which are available, and it is not yet clear which of
these options will be most appropriate in various regions around the world. As the
market further matures it is expected that new areas will be identified which need
specifications in order to support continued growth of CMP. EMVCo will continue to
monitor the market, to identify areas where specification work is required, and to
evaluate what role EMVCo should play in developing these specifications.
September 2011
v 2.0
Page 21

Page 22
v 2.0
6 Looking Forward
September 2011

Annex A
Summary of Contactless Mobile Payment Areas
Table 1 provides a summary of the areas which EMVCo has addressed in its work, and a non-exhaustive list of other specification
bodies which are also contributing.
Table 1 Areas Addressed by EMVCo and Other Specification Bodies
Component
EMVCo Specifications
EMVCo Approval
CMP Application
CMP Application
Choice
Related
Specification
Bodies
Payment Systems
Application Activation User

Interface (5)
PPSE
Related Approval
Bodies and Processes
Payment Systems
GlobalPlatform
NFC Forum
ETSI SCP
CMP Application
Lifecycle
Contactless Payment
Terminals
September 2011
Payment Systems
EMVCo contactless terminal

specifications
Payment Systems
EMVCo contactless terminal

type approval programme
v 2.0
Page 23
2011 EMVCo, LLC (EMVCo). All rights reserved. Any and all uses of the EMV Specifications (Materials) shall be permitted only pursuant to the terms and conditions of the license
agreement between the user and EMVCo found at http://www.emvco.com/specifications.aspx.

Component
Secure Element
EMVCo Specifications
EMV Profiles of
GlobalPlatform UICC
Configuration (6)
Provisioning and
Personalisation
EMVCo Card Personalisation

Specification (12)
Contactless
Communication
Modules
EMV Contactless
Communication Protocol
Specification (11)
Mobile Device
Requirements
Handset Requirements for

(4)
September 2011
Annex A
EMVCo Approval
EMVCo Security Evaluation
Summary of Contactless Mobile Payment Areas
Related
Specification
Bodies
GlobalPlatform
GlobalPlatform based
Secure Element functional
testing
Related Approval
Bodies and Processes
GlobalPlatform
Common Criteria
GlobalPlatform
AFSCM
CCPS
NFC Forum
NFC Forum
ETSI SCP
GSMA
v 2.0
Page 24

Annex B
Frequently Asked Questions

Table 2 Frequently Asked Questions
Will EMVCo define a common Contactless

Mobile Payment Application?
The specification of Contactless Mobile Payment applications is the responsibility of the

individual Payment Systems, and EMVCo has no plans to define a common Contactless
Mobile Payment Application.
Does EMVCo require a particular type of

Secure Element?
EMVCo does not require a particular type of Secure Element. EMVCo allows for all
different architectural options, e.g. UICC, embedded SE, removable SE.
Does EMVCo have specifications for

terminals which accept Contactless Mobile
Payments?
Terminals which accept Contactless Mobile Payments are covered by the standard EMV
contactless terminal specifications. EMVCo has not defined specific requirements for
terminals supporting CMP.
Will EMVCo type approve mobile devices for

CMP?
EMVCo is exploring options for making use of mobile industry compliance programmes
to provide EMVCo accreditation in this area.
Will EMVCo type approve Secure

Elements?
EMVCo has a Security Evaluation programme for Secure Elements that covers the
silicon and the operating system.
EMVCo has a functional evaluation programme for implementations of the Application
Activation User Interface specification (5) requirements within Secure Elements.
September 2011
v 2.0
Page 25

Annex B
Frequently Asked Questions
Does EMVCo require all available Secure

Elements to be active at one time?
EMVCo does not specify any policy regarding the number of Secure Elements or how
many should be active at any one time. EMVCos specifications in this area are designed
to have sufficient flexibility to cover all implementations.
Does EMVCo require the use of

GlobalPlatform based Secure Elements?
EMVCo does not require the use of GlobalPlatform Secure Elements; however, as
GlobalPlatform is a widely deployed standard for Secure Elements, EMVCo has defined
specifications for its use.
As part of the EMVCo type approval programme, EMVCo recognizes the GlobalPlatform
Compliance Program for GlobalPlatform based Secure Elements.
Does EMVCo require that a mobile device

be able to perform a Contactless Mobile
Payment transaction when the device is off
or the battery is low?
September 2011
EMVCo does not require that payment applications shall operate when the mobile device
is in battery off/battery low state. However, for devices that allow communication with the
Secure Element when the device is switched off, the Application Activation User
Interface specification (5) defines methods for intelligent selection of applications based
on the ability of the application to run without the user interface being available. This
issue is discussed further in the Handset Requirements for Contactless Mobile Payment
(4).
v 2.0
Page 26

Annex C
Actions Taken in Response to Areas Defined in the Technical

Issues and Position Paper
The EMVCo Technical Issues and Position Paper (2), published in October 2007, identified a number of areas in which EMVCo planned
to undertake work. The actions EMVCo has taken in these areas since the publication of the paper are summarised in Table 3 below.
Table 3 EMVCo Actions Based on Areas of Work Identified in Technical Issues and Position Paper
Identified Area of Work
EMVCo Action
EMVCo to consider a functional requirement that provisioning and personalisation

of the contactless payment application can be in a single or separate sessions.
Additionally, EMVCo is to ensure there is a standard mechanism to personalise a
contactless payment application based on EMV CPS.
Industry standard provisioning methods (for

example, GlobalPlatform) allow for the separate
provisioning and personalisation of CMP
applications.
The details of personalising an application are a
CMP application issue, and therefore the
responsibility of the individual payment systems.
EMV Card Personalization Specification (12) may
be used but is not required.
September 2011
v 2.0
Page 27

Annex C
Actions Taken in Response to Areas Defined in the Technical Issues and Position Paper
EMVCo Action
EMVCo will consider how EMV CPS may be used with secure messaging
protocols such as those of GlobalPlatform and GSM 03.48 in a mobile
environment. If necessary, EMVCo will consider enhancing CPS to provide the
necessary capabilities for the mobile environment, and providing best practice
guidelines as appropriate.
This is supported in the EMV Profiles of

GlobalPlatform UICC Configuration specification
(6).
EMVCo to consider developing requirements of standard methods for registering a

new application on a Secure Element, and collaborating with other bodies such as
GlobalPlatform to define the appropriate method and mechanism for registration.
The Application Activation User Interface

specification (5) defines a standard usage of a
Secure Element Card Management system (such
as GlobalPlatform Contactless Registry Service)
for registering new CMP applications on a Secure
Element.
EMVCo to consider developing User Interface requirements to assist the user in

securely managing and monitoring the processes for provisioning, personalisation,
and update of the payment application on a Secure Element in a mobile device.

specification (5) provides User Interface best
practices in this area.
EMVCo to consider identifying the requirements of a standard configuration of

operating systems to support contactless payment applications, and to work with
other industries to develop a de facto standard.
EMVCo has published EMV Profiles of

GlobalPlatform UICC Configuration (6). It is
planned to publish an equivalent document for
non-UICC GlobalPlatform Secure Elements, and
further profiles may be considered.
September 2011
v 2.0
Page 28

Annex C
EMVCo Action
EMVCo to consider the use of EMV Scripts and EMV CPS in the mobile
environment, in particular for post issuance and post distribution updating of the
payment application and its counters and parameters; additionally, EMVCo to
develop best practice guidelines and User Interface requirements for the
management of post-distribution provisioning mechanisms, such as those offered
by GlobalPlatform. Enhancements to the PPSE will also be considered as
appropriate.
EMVCo considers the use of EMV Scripts to be a

CMP application specific issue, and as such to be
the responsibility of the Payment Systems.
Provisioning and Personalisation is out of scope of
EMVCos work although the EMV Card
Personalisation Specification (12) may be used for
this purpose.
The use of the PPSE for Contactless Mobile
Payment is defined in the Application Activation
User Interface specification (5).
EMVCo to consider best practices guidelines that the methods used to provision
the payment application in a Secure Element also be able to remove the payment
application. In the event that the Secure Element application environment does not
allow for the deletion of the payment application, EMVCo to consider User
Interface requirements and mechanisms to allow for the disablement of the
payment application and the deletion of the payment credentials.
September 2011
v 2.0
Deletion of applications is supported by many of

the Secure Element operating systems, including
GlobalPlatform, and it has not been necessary for
EMVCo to define specific requirements in this
area.
Disablement of a CMP application and deletion of
the payment credentials within an application is a
CMP application issue, and the responsibility of
the Payment Systems.
Page 29

Annex C
EMVCo Action
EMVCo to consider a best practices guideline that the standard processes for
deletion and provisioning and personalisation should be used to transfer the
credentials from one mobile device Secure Element to another mobile device
Secure Element.
Provisioning and personalisation is out of scope of

EMVCos work at this time.
In order to enable interoperability between removable Secure Elements, EMVCo to

consider the development of requirements for standardised commands from the
user interface application and the payment application along with standard
application labels which may be used to store customised information associated
with the payment application. These requirements will also consider the security
between the user interface application and payment application.

specification (5) specifies how the Secure Element
Contactless Management system may be used to
provide information about the CMP application in
a standard manner. It also defines a command for
activating and deactivating a CMP application.
EMVCo to consider development of requirements for management of customised

elements on a mobile device and to collaborate with standards bodies such as the
Open Mobile Alliance to define appropriate device management mechanisms.
EMVCo has a liaison with the NFC Forum which is

defining the NFC Controller Interface.
EMVCo to consider defining the API between the user interface application and the
payment application.
The CMP application is the responsibility of

Payment Systems, and EMVCo has not defined
standardised commands between the user
interface application and the CMP application
except for an optional command for activating and
deactivating an application which is defined in the
Application Activation User Interface specification
(5).
September 2011
v 2.0
Page 30

Annex C
EMVCo Action
EMVCo to consider a best practices guideline that the standard methods of

provisioning applications on the mobile platform should be used and/or enhanced
for provisioning the user interface application.
Provisioning and personalisation is out of scope of

the work of EMVCo at this time. The use of the
Secure Element Contactless Management system
to provide information to a user interface
application in a standard manner is defined in the
(5).
To assist with customer care interactions, EMVCo to consider defining standard

application labels and/or application commands which may be used to assist in
customer care.
EMVCo has not defined any specific support in

this area.
EMVCo to consider user interface requirements and application commands that

enable the locking and unlocking of a proximity payment application. These
commands should provide for convenient and secure application usage
management of multiple accounts contained on Secure Elements, including
options for locking policies such as frequency of application locking and locking per
application or for all applications.
EMVCo has defined a command which may be

used to activate or deactivate a CMP application
in the Application Activation User Interface
specification (5).
September 2011
v 2.0
The use of Confirmation Codes for locking

applications is considered a CMP application
issue and the responsibility of the individual
Payment Systems.
Page 31

Annex C
EMVCo Action
The contactless payment application must have a mechanism to enable the POS
terminal to interact with the chosen payment application. It is expected that the
PPSE mechanism defined by EMVCo should provide this capability. This should
include considerations of enhancing the PPSE as appropriate to support the
mobile payment environment
The mechanisms to support a user choosing a

particular CMP application, and the mechanisms
for communicating the choices to the contactless
terminal (including the PPSE) are defined in the
(5).
EMVCo to consider defining commands for a user interface application to manage

the PPSE appropriately in order to reflect the user selection of the payment
instrument.
The use of the PPSE for Contactless Mobile

Payment is described in the Application Activation
User Interface specification (5) which includes the
specification of commands for managing the
PPSE when it is implemented on a Secure
Element.
September 2011
v 2.0
Page 32

Annex C
EMVCo Action
EMVCo to account for the following set of considerations in the development of

User Interface requirements and best practices guidelines:
Any payment application supporting multiple payment credentials should

provide the user with the ability to select the set of credentials to be used on a
transaction-by-transaction basis. It would also be desirable to allow the user to
select a default set of credentials to be used, unless an alternate set of
credentials is selected for a particular transaction.
The interaction between the mobile device and the POS terminal should not
allow the merchant to override the user preferences, and the behaviour of POS
terminals needs to be defined to respect the user preferences.
Malicious readers seeking to attack the payment application need not follow the
behaviour specified for a POS terminal, so mechanisms to prevent the
activation of non-selected applications should be explored.
The mechanism for selection of a particular account when multiple contactless

payment applications are available should be specified, but not the user
interface (beyond guidelines and recommendations from EMVCo).
The API which the mobile device must send to the contactless payment
application for account selection should be standardised for interoperability
between user interface applications and the payment application.
September 2011
v 2.0
These areas have been taken into consideration

in the development of the Application Activation
User Interface specification (5).
Page 33

Annex C
EMVCo Action
EMVCo to consider requirements for the mobile contactless payment application

operating when the device is powered down. Such considerations include:
Having a default application selection method, possibly based on the power

state of the mobile device;
Detection of power state and restricting functionality accordingly.
EMVCo to consider how the mobile contactless payment application should

provide a mechanism to the mobile device to indicate when branding should be
displayed, and what branding should be displayed.
September 2011
v 2.0

specification (5) provides mechanisms for
identifying CMP applications that are capable of
operating when the User Interface is not available
(for example, when battery power is too low), and
a mechanism for selecting appropriate CMP
applications when the UI is not available.
This is addressed in the Handset Requirements
for Contactless Mobile Payment (4).
Page 34

Annex D
Glossary
AAUI
Application Activation User Interface
AFSCM
Association Franaise du Sans Contact Mobile
API
Application Programming Interface
Application Activation User

Interface (AAUI)
A user interface application on a mobile device

that enables the consumer to manage the use
of their contactless applications.
Association Franaise du
Sans Contact Mobile (AFSCM)
A non-profit organisation which aims to facilitate

the technical development and promotion of
mobile contactless services. The AFSCM was
founded by French mobile operators Bouygues
Telecom, Orange France, and SFR.
CCD
Common Core Definitions
CCPS
Contactless Communication Protocol

Specification
CMP
Common Core Definitions

(CCD)
A minimum common set of card application

implementation options, card application
behaviours, and data element definitions
sufficient to accomplish an EMV transaction, as
defined in EMV Integrated Circuit Card
Specifications for Payment Systems, Book 3:
Application Specification, available at
www.emvco.com.
Common Payment Application
An EMVCo specification that defines the data

elements and functionality for an application
that complies with the EMV Common Core
Definitions (CCD).
Composition Model
See GlobalPlatform Composition Model.
September 2011
v 2.0
Page 35
Annex D Glossary

Contactless Communication
Module
A module within a mobile device providing a

contactless interface compatible with EMV
Specification (11).

(CMP)
Integration of EMV-based contactless payment

technology in mobile devices.

Application
An application that is hosted in a Secure

Element and that performs information
exchange and processing needed to perform a
Contactless Mobile Payment transaction.
Contactless Payment
Terminal
A contactless reader conforming to EMV

Specification (11) and compliant with EMV
specifications related to the use of the PPSE
that is capable of conducting a payment
transaction with a Contactless Mobile Payment
Application.
Contactless Registry Service

(CRS)
See GlobalPlatform Contactless Registry

Service.
CRS
Contactless Registry Service
EMV
A global standard for credit and debit payment

cards based on chip card technology. The EMV
Integrated Circuit Card Specifications for
Payment Systems are developed and
maintained by EMVCo.
EMV CPS
EMV Card Personalization Specification
Page 36
v 2.0
September 2011

Annex D Glossary
EMVCo
EMVCo LLC is the organization of payment

systems that manages, maintains, and
enhances the EMV Integrated Circuit Card
Specifications for chip-based payment cards
and acceptance devices, including point of sale
(POS) terminals and ATMs. EMVCo also
establishes and administers testing and
approval processes to evaluate compliance with
the EMV Specifications. EMVCo is currently
owned by American Express, JCB, MasterCard,
and Visa.
EMVCo Accredited Laboratory
An independent, impartial entity that has

received a Letter of Accreditation from EMVCo,
entitling it to perform testing for specified Type
Approval; in the context of this document, to
perform testing for CMP Type Approval.
EMVCo Compliance
Certificate
A certificate issued by EMVCo when sufficient

assurance has been demonstrated for an IC,
Platform, or Card Product.
EMVCo Letter of Compliance
Written statement that documents the decision

of EMVCo that a specified CMP Product has
demonstrated sufficient conformance to the
EMV Specifications as of its test date.
ETSI SCP
European Telecommunications Standards

Institute technical committee Smart Card
Platform
GlobalPlatform
A cross industry, not-for-profit association which

identifies, develops, and publishes
specifications to facilitate secure and
interoperable deployment and management of
multiple embedded applications on secure chip
technology.
GlobalPlatform Composition
Model
A methodology for the evaluation of composite

products; that is, Secure Elements that include
an open platform and one or more applications.
September 2011
v 2.0
Page 37
Annex D Glossary

GlobalPlatform Contactless
Registry Service (CRS)
A GlobalPlatform SECM service for managing

the contactless applications on a Secure
Element.
GlobalPlatform Letter of
Qualification
Written statement that documents the decision

of GlobalPlatform that a specified Secure
Element has demonstrated sufficient
conformance to the GlobalPlatform
specifications as of its test date.
GlobalPlatform Qualified
Laboratory
A laboratory facility that has received written

validation by GlobalPlatform that such facility
has satisfied all GlobalPlatform prerequisite
requirements and conditions for the purposes of
performing testing services on Card Products
according to GlobalPlatform Card Qualification
Process procedures.
GSM 03.48
A specification of the structure of Secured

Packets in a general format and in
implementations using Short Message Service
Point to Point and Short Message Service Cell
Broadcast.
GSM Association
An association of mobile operators and related

companies devoted to supporting the
standardizing, deployment, and promotion of
the GSM mobile telephone system.
GSMA
GSM Association
Handset
A type of mobile device, specifically a mobile

phone handset.
IC
Integrated Circuit
IC Certificate
The EMVCo Compliance Certificate of an IC.
Letter of Compliance
See EMVCo Letter of Compliance.
Letter of Qualification
See Global Platform Letter of Qualification.
Page 38
v 2.0
September 2011

Annex D Glossary
Mobile Device
A portable electronic device with contactless

and wide area communication capabilities.
Mobile devices include mobile phones and
other consumer electronic devices such as
suitably equipped PDA.
Near Field Communication

(NFC)
A short range contactless proximity technology

based on ISO/IEC 18092, which provides for
ISO/IEC 14443 compatible communications
and enables devices to communicate with each
other when brought into close range.
NFC
Near Field Communication
NFC Forum
A non-profit industry association that promotes

the use of NFC short-range wireless interaction
in consumer electronics, mobile devices, and
PCs.
Open Mobile Alliance
An industry forum for developing market driven,

interoperable mobile service enablers.
OTA
Over-the-Air
Over-the-Air (OTA)
A method of distributing software to mobile

phones and provisioning handsets with the
settings necessary to access messaging
services.
Personalising
Setting selected application data to enable the

use of a card by a particular cardholder.
Platform
The collective name for the integrated circuit

(IC) hardware with its dedicated software,
Operating System (OS), Run Time Environment
(RTE), and Platform environment on which one
or more applications (e.g., CPA) can be
executed.
Platform Certificate
The EMVCo Compliance Certificate of a

Platform.
POS
Point of Sale
September 2011
v 2.0
Page 39
Annex D Glossary

PPSE
Proximity Payment System Environment
Provisioning
The process of installing a payment application

on a secure element.
Proximity Payment System

Environment (PPSE)
A mechanism for presenting the contactless

applications available for conducting a
transaction to a Contactless Payment Terminal.
The PPSE is the first application selected by a
Contactless Payment Terminal, and based on
the information provided by the PPSE, the
terminal uses the highest priority application it
supports to process a contactless payment.
SE
Secure Element
SECM
Secure Element Contactless Management
Secure Element
A tamper resistant module in a mobile device

capable of hosting applications in a secure
manner. A Secure Element may be an integral
part of the mobile device, or may be a
removable element which is inserted into the
mobile device for use.
Secure Element Contactless

Management (SECM)
A scheme employed by a Secure Element to

manage the contactless applications thereon.
The scheme could vary depending on the
Secure Element implementation.
SIM
Subscriber Identification Module
Subscriber Identification
Module
A smart card that securely stores the key

identifying a mobile phone service subscriber,
as well as subscription information, phone
numbers, preferences, etc. It can also be used
to securely store a Contactless Mobile Payment
application.
Trusted Service Manager

(TSM)
An entity that securely manages contactless

mobile payment applications and other
applications on a Secure Element, for example
to support personalisation and provisioning.
Page 40
v 2.0
September 2011

Annex D Glossary
TSM
Trusted Service Manager
Type Approval
Acknowledgment by EMVCo that the specified

product has demonstrated sufficient
conformance to applicable EMV specifications
for its stated purpose.
UICC
Universal Integrated Circuit Card
September 2011
v 2.0
Page 41

EMVCo White Paper On Contactless Mobile Payment 20110921111857912

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

EMVCo White Paper On Contactless Mobile Payment 20110921111857912

Uploaded by

Copyright:

Available Formats

EMV*

Contactless Mobile Payment

EMVCo White Paper on Contactless

EMVCo White Paper on Contactless

EMV Contactless Mobile Payment

EMV Contactless Mobile Payment

Contactless Mobile Payment Overview ............................................................. 5

Meeting These Goals.................................................................................... 6

EMVCo Technical Work and Perspective ........................................................ 11

Contactless Mobile Payment Applications .................................................. 11

Application Choice and Activation .............................................................. 11

CMP Application Lifecycle .......................................................................... 12

Payment Terminals Supporting Contactless Mobile Payment .................... 12

Secure Elements ........................................................................................ 13

Personalisation and Provisioning of CMP Applications .............................. 14

Contactless Communication Modules ........................................................ 15

Mobile Device Requirements to Support CMP ........................................... 15

Type Approval .................................................................................................... 17

Mobile Handsets ......................................................................................... 17

Secure Elements ........................................................................................ 18

Security Evaluation ......................................................................... 18

CMP Applications ....................................................................................... 19

Contactless Mobile Payment Terminal Approval ........................................ 19

Summary of Contactless Mobile Payment Areas .............................. 23

Frequently Asked Questions ............................................................... 25

Actions Taken in Response to Areas Defined in the

EMV Contactless Mobile Payment

EMV Contactless Mobile Payment

Contactless Mobile Payment Architecture Overview (3) provides an architecture

Handset Requirements for Contactless Mobile Payment (4) provides guidance to

Application Activation User Interface Overview, Usage Guidelines, and PPSE

EMV Profiles of GlobalPlatform UICC Configuration (6) specifies a number of

EMV Contactless Mobile Payment

EMV Contactless Mobile Payment

EMV Mobile Contactless Payment: Technical Issues and Position Paper.

EMVCo Contactless Mobile Payment: Contactless Mobile Payment

EMV Contactless Mobile Payment: EMVCo Handset Requirements for

EMVCo Contactless Mobile Payment: Application Activation User Interface

EMVCo Contactless Mobile Payment: EMV Profiles of GlobalPlatform

EMV Contactless Specifications for Payment Systems. Book C-1. Kernel 1

EMV Contactless Specifications for Payment Systems. Book C-2. Kernel 2

EMV Contactless Specifications for Payment Systems. Book C-3. Kernel 3

EMV Contactless Specifications for Payment Systems. Book C-4. Kernel 4

EMV Contactless Specifications for Payment Systems. Book D. EMV

EMV Card Personalization Specification. Version 1.1, 2007.

EMVCo Card Testing Framework for Contactless. Version 1.0, 2010.

EMV Security Guidelines. EMVCo Security Evaluation Process.

EMV Contactless Mobile Payment

EMV Contactless Mobile Payment

Contactless Mobile Payment Overview

The increasing rate of convergence between the mobile telecommunications and

3 Contactless Mobile Payment Overview

To define chip data security requirements

To define a framework for Type Approval process

To define global interoperability between Contactless Mobile Payment

To identify user interface issues

To standardise contactless mobile proximity payment infrastructure

To fill in gaps which exist in the standardisation of Over-the-Air (OTA) card

To actively engage relevant standards organisations in order to ensure EMV

To speak with a common voice to vendors, operators, banks, and merchants

Throughout the process of working towards the creation of a global interoperable

Meeting These Goals

EMV Contactless Mobile Payment