EMV Training By TONEX

EMV Training By TONEX

EMV Training Course Description

EMV training course provides detail information about EMV specifications and associated security mechanisms. EMV training covers both practical and theoretical aspects of the EMV.

EMV training course also provides sufficient knowledge about EMV and contactless form factors, acceptance instruments, transaction processing, card and terminal architectures, and best practices.

EMV training course teaches you the fundamental of EMV transactions at a technical level. EMV hands-on training also discusses mobile payment technologies. We will cover EMV standards as well as implementation policies. The EMV standards are the basis of contactless NFC and mobile payments. Therefore, we will teach you the standards of contactless NFC and mobile payment elements.

What is EMV

Learn about

• EMV terminology
• EMV specifications
• EMV transaction flow
• EMV migration impacts
• Personalization profiles
• EMV chip card
• Chip transaction methods
• Benefits of EMV to issuers, merchants, acquires
• Smartcards
• Cryptography
• Payment Systems
• Public Key Infrastructure
• Cryptogram generation and validation
• CVM Methods
• EMV functional architecture
• Card authentication
• Offline vs online authorization
• Stand-in authorization
• Floor limits
• Issuer scripting
• Review ISO 8583 message formats and EMV field
• 12 stages of the EMV transaction
• EMV migration challenges and strategies
• EMV and review best business model development
• EMV online and offline PIN management
• PIN handling
• EMV data encryption methods
• EMV security aspects
• Contactless market
• Contactless Standards PayPass, PayWave, EMVCo
• Contactless payment applications
• Mobile Payment components – SE, TSM, OTA

TONEX EMV Training Methodology

This is a hands-on seminar including both lectures and practices. The majority of the training is devoted to exercises with real case studies, creating EMV testing cards, and simulating transactions.

Audience

EMV training is a 3-day course designed for:

• Technical managers
• Bank personnel involved in transaction process
• Operators and engineers
• IT personnel
• Security team members
• Sales and marketing team
• Fraud monitoring staff
• EMV project managers
• System support and development personnel
• Customer service
• Business analysts

Training Objectives

Upon completion of EMV training course, attendees are able to:

• Understand the concepts and principals of the EMV
• Understand the interaction between card and terminal
• Discuss the security mechanisms of EMV
• Prepare risk management protocols
• Understand the fundamental principals of smartcards and cryptography difference between various categories of EMV implementation
• Explain a thorough EMV transaction flow
• Assess an EMV transaction log and fix common errors
• Discover EMV best practices for your own EMV products
• Analyze main business decisions affecting card issuing projects and cards
• Compare EMV alternatives for authentication and authorization
• Combine the formerly learned knowledge into a clear practical role of EMV in the card payment environment

Course Outline

Overview

• Definition of EMV
• The birth and evolution of EMV
• The business context of EMV
• An EMV reader
• Profile design and card personalization
• EMV – A Look Inside
• EMV Is driven by cryptographic processes
• EMV demands key management
• Benefits of EMV to merchants and acquirers
• Benefits of EMV to issuers
• Business process implications
• Magnetic stripe card/signature legacy
• Rationale of EMV & EMVCo
• High-level functions & requirements
• Range of EMV specifications
• Certification & type approval
• Role of the payment systems (Card Schemes)
• Current & future developments

Main Capabilities Affecting the Chip Card

• Authentication
• Verification
• Authorization

How the Chip Card Communicate with the Terminal?

• Contact card
• Pure contactless card
• Dual interface card

Chip Card Structure

• Chip technology (processors, memory)
• Card Operating Systems & Virtual Machines
• Card application development & open platforms
• Card application personalization
• Multi-application cards

Smartcard Fundamentals

• Different types
• Policies and standards
• Procedures

Public key infrastructures

• Card behavior
• Offline CAM
• CVM

Payment Industry Basics

• Euro-cards, MasterCard, Visa
• 3 and 4-party scheme
• Processor
• Authorization
• Settlement
• Single message

Payment Schemes

• Concept
• Payment brands
• Deference of credit, debit, pre-paid and ATM

Introduction to EMV Transaction

• How does EMV handle offline and online transactions?
• What safety actions can be taken?
• What are the pros and cons?
• Does EMV shield us against skimming fraud?
• What is issuer scripting?
• When can it be used?
• Major differences between a magnetic stripe transaction and a chip transaction
• Evaluate the dissimilarities between the EMV terms and the EMV implementations defined respectively by Visa and MasterCard
• Review of the major business benefits of the EMV chip card
• Visa and MasterCard liability shifts

EMV Security Benefits

• Solutions offered by chip EMV card to enhance the security of offline transactions
• Benefits of offline transactions vs. online transactions
• Solutions offered by chip EMV card to improve the security of online transactions
• Selection principles between the offline authentication methods defined in EMV (SDA/DDA/CDA)

EMV Fraud Protection

• Types of card fraud
• Role of EMV authentication
• Role of Card Risk Management
• Role of Issuer host systems

EMV Card Content

• Application selection data
• Cardholder data
• System data
• Risk management data (Visa/MasterCard)
• Cryptographic data

EMV Transaction Flow

• Transaction setup
• Sequence of functional steps in a transaction
• Step-by-step transaction flow
• EMV parameters and their usage
• Issuer host processing of EMV transaction data
• Transaction checks
• Transaction analysis
• Transaction completion
• The relation between EMVCo and Visa, MasterCard, Amex etc

EMV Card Applications (contact & contactless)

• Visa
• MasterCard
• Amex
• Discover
• Application-specific parameters & their usage
• Examples
• Transaction flow (application-specific steps)
• Discussion on parameter setting

Fundamentals of Contactless Payments

• What is contactless technology?
• What is NFC?
• Why contactless?
• Contactless brands and “flavors”
• Magstripe vs. EMV grade contactless?
• Functional differences between payWave, PayPass and Expresspay

EMV Specifications, Testing and Certification

• EMV terminal certification
• Terminal brand approval
• Tools and cards required for the testing and certification of different systems
• Relationship between the EMV specifications and the specifications of the payment schemes

CTLS Specifications, Testing and Certification

• EMV Entry Point certification
• Terminal brand approval
• Tools and cards required for the testing and certification of different systems
• Relationship between the EMV specifications and the Contactless specifications of the payment schemes

EMV Cryptography & Key Management

• Symmetric & asymmetric key cryptography
• Cryptographic algorithms
• EMV symmetric key functions (card-issuer host)
• EMV asymmetric/public Key functions (card – terminal)
  • SDA, DDA, CDA & PIN Encipherment
• Role of Certification Authority
• Role of issuer/Personalization bureau

EMV Card Personalization

• Categories of Personalization Data
  • EMV Application Templates
  • Application Data Profiles
  • EMV Cardholder Data
  • Cryptographic Generated Data
• Card Personalization Processes
• Data Preparation
• Card Personalization
• Card Testing

Card Personalization Testing

• Introduction to EMV Card Test Tool
• Home screen, Operations & Test Reports
• Test demonstrations & reviews
• Test Scenarios & Parameters
• Further live demonstrations & review

Terminal Risk Management

• Checks performed by the terminal
• Terminal Action Analysis
• Terminal Action Analysis after online processing
• Recommendations defined by Visa and MasterCard

Cardholder Verification Procedure

• Review of the potential approaches accessible to an Issuer
• Analysis of the procedure used by the terminal (CVM algorithm)
• Recommendations defined by Visa and MasterCard

Card Authentication Methods

• Approaches accessible at terminal level based on Public Key Infrastructure proposed by payment System (SDA / DDA / CDA)

Card Risk Management Stated by a Payment System (Visa or MasterCard)

• Offline Transactions Management
• Card Decision Process 1
• Card Decision Process 2 (after online authorization)

TONEX EMV Hands-On Workshop Sample

• EMV technical transaction exercise
• Analyzing sample transaction failure
• Evaluating EMV transaction performance
• CTLS technical transaction flow exercise

Real Case studies of Contactless and NFC

Exercises on Card Risk Management

• Based on the card and transaction parameters, you exercise to find out the outcome of the transaction

EMV Training