CARTES considers questions of security

Ensuring the security of payment systems is essential to maintain consumer confidence. The conference track ‘EMV: Challenges and benefits’, looks at ways of improving that security. When a customer uses his payment card in a store, he expects that the system will be secure. The interaction between EMV payment cards and POS terminals is strictly controlled.
November 4, 2014 Read time: 2 mins

Ensuring the security of payment systems is essential to maintain consumer confidence.

The conference track ‘EMV: Challenges and benefits’, looks at ways of improving that security. When a customer uses his payment card in a store, he expects that the system will be secure. The interaction between EMV payment cards and POS terminals is strictly controlled.

However, despite the existence of many systems that encrypt the PAN moving between the card reader and the processing infrastructure, part of the PAN’s journey is still ‘en clair’ – unencrypted. Over the years, the industry has spent a great deal of time and money on enforcing compliance with PCI DSS across the payment industry. However, data breaches still happen.

Milos Dunjic, CTO, Cardis International, will present a new solution that implements PAN with format preserving encryption (FPE) inside the card’s EMV payment application and is fully under the card issuer’s control. The new system is said to be radically different from previous methods. The solution is said to be fully resistant to replay attacks, as it ensures that the PAN reference is valid for only a single transaction. Since POS terminals, merchant acquirer and payment network systems handle only a unique per transaction format preserving PAN references, this eliminates the danger of criminals stealing real PAN data and then using it in CNP payments. Following on from this presentation, Andreas Strobel, board member with the Smart Payment Association, will give a presentation that analyses the advantages and disadvantages of different implementations, reflecting different business models. He will assess the standardisation efforts for online payment using tokens.


‘End-to-end tokenisation of PAN between EMV-application/digital-wallet and issuer host’, 14:40-15:00, Room 3

‘A Secure Profile for Tokenization in E and M-Commerce’, 16:30-17:00, Room 3

Related Content

  • What’s right with this picture?
    September 12, 2024
    AI-driven image review is a game changer for tolling industry efficiency. Rafael Hernandez of IntelliRoad outlines the importance of partnerships with service providers
    Read More
  • Opinion: MaaSive fail
    January 29, 2021
    Are we in danger of losing our way on Mobility as a Service? Johan Herrlin of Ito World wonders if there is too much focus on the system and not enough on problem-solving...
    Read More
  • Apple’s arrival on payment scene is ‘tipping point’ in e-payments, says Verifone boss
    November 4, 2014
    The new Apple Pay system will give a major boost to the contactless payment sector, industry experts believe. The benefits of such an influential name lending its weight to NFC devices are considerable, says June Yee Felix (right), president of Verifone Europe. “Apple Pay is something wonderful for our industry,”she told several hundred delegates attending the Opening Summit of CARTES SECURE CONNEXIONS 2014. “They have engaged the consumer.
    Read More
  • Sorting sensible from shiny in tolling technology
    December 11, 2014
    Instead of always striving for the latest shiny toys Kevin Hoeflich of HNTB advises a 10-steps method for selecting the most appropriate technology. Amid the hype and razzmatazz surrounding the launch of Apple’s iPhone 6, the company also announced its new mobile payment system, Apple Pay. Built into the new iPhone 6, Apple Pay works at 220,000 merchants across America and is supported by major US banks and the big three credit card companies.
    Read More

Highlighted Content