Karsten:JSC page.

qxd 08/06/2012 10:31 Page 80

Journal of Payments Strategy & Systems Volume 6 Number 1

The European cards environment and

ISO 20022

Diederik Bruggink*, Pierre Karsten** and Carlo R. W. de Meijer*

Received (in revised form): 9th February 2012
*Market Infrastructures GTS, The Royal Bank of Scotland, Paasheuvelweg 25, 1105 BP
Amsterdam, the Netherlands.
Tel: +31 20 4642552; e-mail: diederik.bruggink@rbs.com
Tel: +31 20 4641094; e-mail: carlo.de.meijer@rbs.com
**Business Center Cards, Equens SE, Eendrachtlaan 315, 3526 LB Utrecht, the
Netherlands
Tel: +31 6 50677434; e-mail: pierre.karsten@nl.equens.com

Journal of Payments Strategy &
Systems
Vol. 6, No. 1, 2012, pp. 80–99
 Henry Stewart Publications,
1750–1806
Diederik Bruggink is Vice President Card
Schemes within the Market Infrastructures
department at The Royal Bank of Scotland. He
holds a master’s degree in mechanical engineer-
ing. He is supporting the positioning of the bank
in the relevant market infrastructures by aligning
external industry developments with the internal
strategies and developments in the business
units in the cards area. He acts as a senior
adviser on cards-related strategic topics to inter-
nal key stakeholders and senior management,
and he participates as subject matter expert in
key projects. Before joining RBS, Diederik held
senior positions at MasterCard (Global Debit
Products), ABN AMRO (Market Infrastructures)
and Capgemini (Global Financial Services). He is
a member of the Cards SEG of ISO 20022.
Pierre Karsten is a Senior Advisor in cards and
payments, currently as Senior Officer with a
focus on cards compliance in the Business
Center Cards at Equens SE. His experience
ranges through project management, innova-
tions, business development and compliance.
He received a master’s degree on transmission
of information from the University of Delft and an
MBA from Henley Management College — this
with a dissertation on key issues of compliance
in the EU payments industry (2009). Pierre is a
member of ISO/TC68/SC7 and of WG9 and
WG10. His contribution here represents his own
views and not necessarily those of any other
individual or organisation.
Carlo R. W. de Meijer is Senior Researcher
within the Market Infrastructures department at
The Royal Bank of Scotland. He received a
master’s degree in international economics from
the University of Tilburg in 1977. His main area of
focus is the payments, cards and
securities/derivatives environment and its devel-
opments. During his career, Carlo has held a
large number of posts in the banking sector of
international finance, both as a senior economist
and as a private investment adviser. He has been
a member of several national and European com-
mittees and working groups preparing the launch
of the euro. Carlo has published many papers on
various international and financial topics.
ABSTRACT
The current cards environment in Europe is
fragmented in terms of business solutions and
technical standards. Both the goal of the
European Payments Council (EPC) to realise
a SEPA for Cards, as well as the influence of
other market trends and developments, have
highlighted this fragmentation. The current sit-
uation no longer meets the future business and
security requirements of the European cards

Page 80
Karsten:JSC page.qxd 08/06/2012 10:31 Page 81
industry. This industry is asking for more effi-
ciency, for lower costs, and for straight-through-
processing (STP). A key element that may be
triggering the whole evolution of card payments
is regulation. Without that element, it is
unclear whether the evolution of the market
would have been so rapid. Greater standardisa-
tion and the search for better interoperability
are certainly outcomes of changing regulations.
There are a number of other factors that are
driving the development of the cards industry.
In the future, businesses are likely to require
better efficiency, interoperability and optimised
end-to-end processing. This underlines the
growing need for further standardisation.
Security and the evolution of security require-
ments in card payments will also be essential
considerations. SEPA for Cards asks for more
harmonised standards and interoperability in
the European end-to-end card space. This
should be achieved by replacing the various
local standards with common, global, open
standards. The Eurosystem has asked the EPC
to provide clarity on all standards currently
used or under development for end-to-end card
transactions, and to recommend which will be
used for SEPA for Cards. There are a number
of initiatives in the different domains of the
cards value chain such as EPASOrg and the
Berlin Group that are giving direction to a pos-
sible outcome.There are some difficult questions
that need to be answered. Is it possible to agree
on one standard? What standard will fit into
the new business and security requirements?
Does the current ISO 8583 standard used in
the Acquirer-to-Issuer space suffice, or should
one change over to the more recent ISO
20022? Is a Europe-wide solution enough or
should a more international standard be chosen
given the globalisation of financial markets?
And what are the challenges of adopting
common industry standards through the whole
value chain?
Keywords: SEPA, standardisation,
straight-through-processing, ISO 20022,
cards
Bruggink, Karsten and de Meijer
INTRODUCTION
Notwithstanding the growing conver-
gence between payment transactions and
card payments, the cards sector has not
been affected by the new SEPA payments
standardisation process until recently.
Following the introduction of the physical
euro and the expected migration of
domestic payment instruments to the
SEPA instruments SEPA Credit Transfer
(SCT) and SEPA Direct Debit (SDD), the
need for a European equivalent for card-
based transactions is growing. The goal of
the European Payments Council to realise
a SEPA for Cards, but also other trends
and developments, have put the focus on
the present fragmentation of the card
environment in Europe in terms of busi-
ness solutions and technical standards.
Traditionally, different technical card plat-
forms and different requirements (eg on
security) are used in the various parts of
the cards value chain within European
countries. As a consequence of this frag-
mentation, it is presently almost impossible
to offer customers and multinational
retailers a single card payment solution
which can be used in all SEPA zone coun-
tries. The present situation no longer
meets the future business and security
requirements of the European cards indus-
try, which will demand more efficiency,
lower costs and straight-through process-
ing (STP).
SEPA for Cards asks for more har-
monised standards and interoperability in
the European end-to-end card space. This
should be achieved by getting rid of the
various local standards and replacing them
with common global open standards. The
Eurosystem has asked the European
Payments Council (EPC) to provide clar-
ity on all standards currently used and/or
under development for end-to-end card
transactions, and to provide a recommen-
dation on which standards will be used for
SEPA for Cards. The actual development
Page 81
Karsten:JSC page.qxd 08/06/2012 10:31 Page 82
The European cards environment and ISO 20022
of specifications and implementation of
standards is the responsibility of standardi-
sation initiatives in the different domains,
such as EPASOrg, Berlin Group and
ATICA.1 Is it possible to agree on one
standard? What standard can be chosen
that will fit into the new business and
security requirements? Is the current ISO
8583 standard used in the Acquirer-to-
Issuer space sufficient, or should there be a
change-over to the more recent ISO
20022? Is a Europe-wide solution enough,
or should global standards prevail, given
the globalisation of the financial markets?
And what are the challenges of adopting
common industry standards through the
whole value chain?
SOME IMPORTANT TRENDS
One element which may be triggering the
whole evolution of card payments is regu-
lation. Without this element, it is unsure
whether the evolution of the market
would have proceeded at such a rapid
pace. More standardisation and the search
for a better interoperability are clearly out-
comes of this regulation process. There are
a number of trends that are further driving
the development of the cards industry.
Future business requirements will include
more efficiency, interoperability and opti-
mised end-to-end processing, underlying
the growing need for more standardisa-
tion. Security and the evolution of secu-
rity requirements in card payments will
therefore be an important element to be
taken into consideration.
Global, regional, local
First of all, there is the ongoing process
from localisation to regionalisation/glob-
alisation, resulting in the delivery of prod-
ucts and services on both regional and
global scale. The growing global competi-
tion in the cards market asks for increased
efficiencies and straight-through-process-
Page 82
ing. But also the goal within Europe to
create a SEPA for Cards that aims at elim-
inating technical and operational barriers
between countries and schemes is a
demand for more harmonisation.
New technology
Secondly, the development of new tech-
nologies and upgrades that enable more
efficient end-to-end processing is influen-
tial. The internet has already enabled
widespread e-commerce, while technol-
ogy has brought about the likes of service
oriented architecture and web services. In
the coming years, technology will improve
further and open up new processing and
business possibilities.
Partnership and outsourcing
Thirdly, SEPA requires the separation of
schemes, processing and infrastructures
with open standards. This will result in a
growing demand for quality and separa-
tion of functions in these parts of the value
chain. This will intensify the need for
financial institutions to build partnerships
on each level to realise economies of scale,
and further outsourcing and more special-
isation. This development will also trigger
a growing participation of non-banks, so-
called new payment-service-providers
(PSPs) in the payment chain. The resulting
growing competition could accelerate the
process of innovation and increased effi-
ciency in payment channels.
Innovations
The fourth trend is in the domain of
innovations. Developments such as Near
Field Communication (NFC) in the
mobile environment are triggering a wide
range of new initiatives for innovation in
the payments and cards sector, in new
channels such as contactless payments and
mobile payments. These payment types
will gain stronger positions in the coming
years and will create new partnerships on a
Karsten:JSC page.qxd 08/06/2012 10:31 Page 83
regional and global scale. Integration of
internet with mobile, social platforms, vir-
tualisation and identification are all in
need of more interoperability and stan-
dardisation. How will identification be
performed securely in the future (cards)
world?
Convergence
Finally, there is the trend towards conver-
gence, where differences between the var-
ious payment instruments (such as credit
transfers and direct debits on the one
hand, and card and mobile payments on
the other) begin to disappear, and pay-
ments become more a matter of point-to-
point transactions: the simple movement
of value from one point to another. This
will further increase the need for end-to-
end business processes to work as
smoothly as possible. There must also be
conversion of payments building blocks
(taking parts of current (legacy) solutions),
eg faster payments. All these developments
are building the current and future pay-
ment infrastructure.
STRAIGHT-THROUGH-PROCESSING
AND RECONCILIATION: THE NEED
FOR STANDARDISATION
These upcoming trends and developments
increasingly require a strategic evaluation
of standardisation within the card envi-
ronment. There is a growing need for
deeper alignment of business processes
and models across the entire industry. But
real STP in the cards world is a challeng-
ing goal from a standards point of view.
With the use of various local standards,
and in a number of stages of the whole
value chain, there is no standardisation at
all, and this limits efficient STP within a
SEPA environment. The use of ‘local’ (or
scheme) standards means that there is a lot
of ‘translation’ between message standards,
particularly for acquirers or intermediate
Bruggink, Karsten and de Meijer
agencies. The growing needs of the
European cards industry for STP
throughout the whole card value chain, in
terms of increased efficiency, interoper-
ability, speed etc., require more har-
monised and open standards to facilitate
their operations. Optimised STP, with
smoothly working end-to-end business
processes, will increase the efficiency and
reduce the costs of the authorisation and
clearing processing significantly, since on
these only a standard format will be sup-
ported in the mid-term within Europe,
irrespective of local or cross-border inter-
faces. Moreover, banks and other users
will then be able to switch easily between
different market solutions for clearing and
settlement, for instance. This might be a
flexible way of working. If the core mes-
sage remains, local practices can be
enabled by using supplementary data or
extensions to particular elements. The
basic message is still able to be processed
even if the extension is not used in that
process.
For banks and other payment proces-
sors, STP requires accurate identification
of payment routing information. Full STP
for clearing can only be realised by using
STP processing and formats between dif-
ferent banks and between banks and
clearing and settlement mechanisms. End
users, remitters and beneficiaries, how-
ever, have additional requirements for
STP to facilitate communication between
the remitter and the beneficiary as to the
purpose of the card payment, eg retailer
reconciliation and transaction life cycle,
with a unique identifier. Presently this
additional customer and business-specific
information is not needed by banks for
their business. But for realising STP
throughout the whole cards value chain,
payment messages need to satisfy their
end users’ requirements for information in
the context of card payment, and to sup-
port the delivery of industry-specific
Page 83
Karsten:JSC page.qxd 08/06/2012 10:31 Page 84
The European cards environment and ISO 20022
remittance data in a manner that is associ-
ated with the payment. Accommodating
innumerable remittance information
structures, as defined by industries, coun-
tries and others within the payment mes-
sages, poses the risk of over-frequent
changes and maintenance requirements to
those messages, substantially increasing the
cost and complexity of using these new
standards. A future solution on standardis-
ation should meet these flexibility
requirements.
PRESENT STATE: STANDARDS
FRAGMENTATION IN THE SEPA ZONE
Within the SEPA area, the cards industry is
confronted with a fragmented market,
characterised by various rules, regulations
and standards. From the perspective of the
broader value chain of debit and credit
cards, several procedures and protocols are
used in the different parts of the value
chain. There are a large number of differ-
ent terminal-to-host protocols. This is
mirrored by the prevalence of local proto-
cols between payment terminals and
acquirer host systems, but also defining the
interface between those same terminals (or
card payment software) and the cash regis-
ter systems used by retailers at the Point of
Interaction (POI). Besides, almost every
domestic and international card payment
system seems to use a different standard in
the Acquirer-to-Issuer domain.
THE EMV STANDARD
The EMV standard encompasses specifica-
tions, test procedures and compliance
processes managed by EMVCo, LLC, an
organisation jointly owned and operated
by American Express, JCB, MasterCard
and Visa. EMV originally stood for
Europay, MasterCard and Visa (EMV).
EMV was introduced in early 2000 in the
UK and France, but only came into wide-
Page 84
spread (EU) use in recent years. EMV is an
open-standard set of specifications for
smart card payments and acceptance
devices. EMV has been developed to
ensure interoperability between chip-
based payment cards and terminals, and to
increase security and reduce fraud result-
ing from counterfeit, lost and stolen cards.
EMV chip cards contain embedded
microprocessors that provide strong trans-
action security features and other applica-
tion capabilities not possible with
traditional magnetic stripe cards. The main
security benefit of the EMV standard, in
contact and contactless form, is the addi-
tion of dynamic data. EMV secures the
payment transaction with enhanced func-
tionality in three areas: card authentica-
tion; cardholder verification; and
transaction authorisation. Eighty countries
globally are in various stages of EMV chip
migration, including in Europe, Latin
America and Asia, and it now looks likely
EMV is finally headed for the US market.
1.2bn EMV cards have been issued glob-
ally and 18.7m POS terminals accept
EMV cards as of Q1 2011. This represents
more than 40 per cent of the total pay-
ments cards in circulation and more than
70 per cent of the POS terminals installed
globally. Though the USA has lagged in its
adoption of the EMV integrated Circuit
Card Specifications (commonly called
chip-and-PIN), which many countries use
to improve security at the POS, US banks
and merchants are ready to make the
switch.
EMV (if adopted) is used as a standard
at the card issuer and acceptor or terminal
interface. In the Acceptor-to-Acquirer
domain, the EPAS format of ISO 20022 is
the main new standard, following local
standards. In the Acquirer-to-Issuer
domain, variants of ISO 8583 are still the
standards most widely applied in card sys-
tems for authorisation or single messaging.
It is a widely used and proven practical
Karsten:JSC page.qxd 08/06/2012 10:31 Page 85
standard. Most of the acquiring banks or
transaction processors are nowadays using
a wide variety of different legacy proto-
cols, defined and implemented at the local
or national level. These include various
domestic or even international formats
used for clearing and settlement transac-
tions. Not all these protocols and proce-
dures are based on open standards, as
proprietary standards are also implemented
(see Figure 1). As a consequence, compo-
nents in the value chain are not easily
replaceable. For instance, if a retailer
wishes to switch from one acquirer to
another, some adjustments to the terminal
that cost money are required.
This situation has posed a large number
of challenges for the cards industry in
Europe. As a consequence, it is presently
almost impossible to offer customers and
multinational retailers a single card pay-
ment solution that can be used in all
SEPA-zone countries. The existence of
country-based incompatible standards also
hinders the central acquisition of cross-
Bruggink, Karsten and de Meijer
Figure 1 Overview
of standards in the
cards value chain:
POS transaction.
Work in progress:
current assessment
border card payment transactions by
multinational acceptors, thus slowing the
development of business.
EPC: SEPA FOR CARDS
SEPA for Cards is seen as an important
element in the realisation of an efficient
card market in Europe. The aim is to
enable European customers (cardholders
and merchants) to use general purpose
cards to make and receive payments and
withdraw cash in euros throughout the
SEPA area with the same ease and con-
venience as they do in their home coun-
try. The objectives of a SEPA for Cards
will be achieved to the greatest extent
possible through the use of open stan-
dards available to all parties within the
card payment value chain. These would
replace the domestic payment infrastruc-
ture used for card clearing in the mid-
term with common European
infrastructures. The ambition of SEPA for
Cards is to set the foundation for interop-
Page 85
Karsten:JSC page.qxd 08/06/2012 10:31 Page 86
The European cards environment and ISO 20022
erability and gradual convergence of the
technical standards which underpin the
end-to-end card value chain. That would
facilitate fast, efficient and secure process-
ing of card payment transactions in the
SEPA area. Harmonisation of standards in
the European cards industry would mean
that cardholders can pay with one card
over the whole euro area; retailers will be
able to accept all SEPA cards in a single
terminal; banks will be able to switch
easily between different market solutions
for clearing; and payment card processors
will be able to compete and to offer serv-
ices throughout the euro area.
Harmonisation of standards in the
European cards industry would require
issuers, acquirers, card schemes and oper-
ators to adapt to the SEPA Cards
Framework (SCF).
SEPA for Cards and ISO 20022
The Economic and Financial Affairs
Council (ECOFIN) requested in its con-
clusions on SEPA in December 2009 that
the industry should set the conditions for
further standardisation in the area of cards.
According to the EPC, the clearing infra-
structure used to process the SEPA pay-
ment instruments SCT and SDD, based on
ISO 20022, can be used to clear and settle
card transactions through analogous mes-
sages and formats if appropriate. But for
realising STP, that should be realised in full
coordination with other domains in the
cards value chain, notably the Accepter-to-
Acquirer domain. The EPC recognises that
the introduction of new standards for card
payments processes and messages cannot
happen overnight. For a certain period of
time, existing and new standards will have
to operate side-by-side. The EPC recog-
nises the widespread use of ISO 8583 for-
mats in the Acquirer-to-Issuer domain for
online authorisation, while supporting the
use of both ISO 8583 and ISO 20022
XML-compliant2 message standards for
Page 86
cards (co-existence) for the exchange of
information between the parties involved
in the cards value chain. A solution is
needed that delivers: flexibility, co-exis-
tence and convergence.
SEPA Cards Framework
The EPC is carrying out a card standardi-
sation programme designed to remove
technical obstacles that nowadays prevent a
‘consistent customer experience’ through-
out the SEPA cards market, and to allow
higher process efficiency along the overall
card value chain. For that purpose, the
EPC has developed the SCF. The objective
of the EPC SCF is to define the strategic
vision for SEPA card payments through
the establishment of high level principles
and rules.
Cards Stakeholders Group (Csg)
In 2009, the EPC promoted the creation
of the Cards Stakeholders Group (CSG),
comprising representatives of five sectors
also active in the cards domain. These
include retailers, vendors, processors, card
schemes and banks. The collective aim of
the EPC and CSG is to establish a frame-
work for a better, safer, more cost-efficient
and richer card services environment,
whatever the card product or scheme may
be. The CSG task is to identify standard
requirements and best practices that will
promote interoperability in the SEPA
cards market.
The scope of EPC’s work on cards stan-
dardisation in general, and of the present
CSG deliverables in particular, is the defi-
nition and description of SEPA cards stan-
dards for the card payment and cash
withdrawal services provided or imple-
mented by the different stakeholders such
as SCF-compliant card schemes, issuers,
acquirers, processors, vendors, merchants
etc. On 6th June, 2011, the EPC and the
CSG released the latest version of the
SEPA Cards Standardisation Volume —
Karsten:JSC page.qxd 08/06/2012 10:31 Page 87
Book of Requirements (The Volume). This
Volume defines functional and security
standards requirements for cards services, as
well as evaluation methodology designed
to achieve interoperability based on open
standards within the SEPA cards market.
ISO 8583 vs ISO 20022: WHICH TO
CHOOSE?
The current discussion in the European
cards industry is whether the current ISO
8583 and its future improvements can still
be relied on for the standardisation of the
messages in the card payment industry —
or should one use a new standard for cards
developed under the umbrella of ISO
20022?
ISO 20022
ISO 20022 provides the financial industry
with a universal common platform for the
development of financial messages in a
standardised way. Compared with ISO
8583, ISO 20022 does not describe the
messages themselves. However, it is a
recipe for developing financial industry
message standards (which can be con-
verted into physical messages). ISO 20022
creates a single standardisation approach
with common methodology, common
registration process and a central reposi-
tory that can be used by all financial stan-
dards initiatives. The financial repository is
a sort of central dictionary of business
items, in which approved models, transac-
tions, messages and their components are
stored. This ISO 20022 recipe offers a
better, cheaper and faster way of develop-
ing and implementing interoperable mes-
sage standards that could meet the needs
of the present cards industry in terms of
convergence and co-existence.
Common modelling methodology
Key to the ISO 20022 standard is the
approach of developing syntax-independ-
Bruggink, Karsten and de Meijer
ent business models that are validated by
the industry. ISO 20022 uses a modelling
methodology approach independent of
the coding of messages (such as XML or
ASN.1/TNL). The goal of ISO 20022 is
to identify and standardise the ‘words’ that
are shared between institutions, and store
them in the ‘data dictionary’ of the ISO
20022 Repository. On that basis, develop-
ers can build ISO 20022 syntax-independ-
ent message models that can then be
transformed into message formats accord-
ing to the desired syntax. The current pre-
ferred ISO 20022 syntax in SEPA is XML.
The syntax-independent business model-
ling methodology allows developers to
capture the ‘business standard’ prior to, and
independently of, the physical format of
future messages. This flexible framework
allows communities of users and message-
development organisations to define mes-
sage sets according to an internationally
agreed approach and to migrate to the use
of common XML-based syntax. The fact
that the syntax design rules are clearly sep-
arated from the modelling methodology
ensures that models will not need to be
changed should XML be superseded by a
new and better syntax solution.
Flexible framework
A long-term objective is one standard
approach via ISO 20022 that is used by all
stakeholders. It will not happen overnight.
SWIFT, for example, has an integration
strategy from MT to MX messages that
could last more than ten years at least. In
the interim, several standards need to co-
exist to respond efficiently to competitive
pressures and regulatory demands.
Interoperability
ISO 20022 eases interoperability with
other financial message standards between
financial institutions, their market infra-
structures and their end-user communities.
The new message standards will cover end-
Page 87
Karsten:JSC page.qxd 08/06/2012 10:31 Page 88
The European cards environment and ISO 20022
to-end business process across all markets.
It facilitates an end-to-end interoperability
approach, ensuring optimum ability for
STP or more fluid end-to-end processing.
Convergence
One of the most interesting characteristics
of ISO 20022 is that it provides a way to
achieve the long-term convergence objec-
tive. ISO 20022 supports convergence to
one standard that will replace today’s
numerous specifications, which have been
developed on a country or card scheme
basis. It facilitates the migration from
existing messages to their ISO 20022-
compliant equivalent. Over the longer
term, the ISO 20022 messages generated
from the model could become the stan-
dard that SEPA is looking for.
Co-existence
While getting there, the ISO 20022 mes-
sage model provides a way to facilitate the
short-term co-existence of several stan-
dards. Part of the ISO 20022 standard is a
so-called ‘reverse engineering’ technique
or approach to ease co-existence, ie to
recapture the functionality of existing non-
ISO 20022-compliant message standards
and feed it into the ISO 20022 model.
Supplementary data
It also takes into account the information
required by customers such as financial
institutions, and end users such as retailers.
ISO 20022 can be extended with supple-
mentary data without having to update
the approved message format. It enables
the utilisation of message components in
the ISO 20022 repository. As a result, users
that do not need the supplementary data
will not be affected. The extension mech-
anism for ISO 20022 is a container that,
when used, includes supplementary data
that is structured as an ISO 20022 compli-
ant scheme, looks like the rest of the mes-
sage, and can be processed in the same way
Page 88
without the need to change the message
format continuously.
ISO 20022: BUSINESS JUSTIFICATION
INITIATIVES FOR CARDS
For harmonisation in the SEPA area, there
are now a number of standardisation ini-
tiatives that aim for solutions in the vari-
ous parts of the cards value chain in order
to realise interoperability and convergence
towards ISO 200222. These initiatives
include EPAS CAPE (Point of Interaction
(POI)-to-Acquirer), ISO/TC68/SC7/
WG ATICA (Acquirer-to-Issuer), The
Berlin Group CCPAY (Acquirer-to-
Issuer), and IFX for ATM messaging and
management. A common aim is to ensure
to as great a degree as possible the end-to-
end harmonisation of the various projects.
All these business justifications and pro-
posals will be evaluated by the Cards and
Related Retail Financial Services
Standards Evaluation Group (Cards SEG).
The main goal of the Cards SEG is to pro-
vide a harmonisation function across all
submissions to promote as much as possi-
ble end-to-end interoperability between
the different ‘domains’ of card transaction
processing.
EPASOrg: ISO 20022 — CAPE
EPASOrg, the developer and official sub-
mitter of the Card Payments Exchanges
(CAPE) set of messages, was set up by var-
ious industry players to define a new series
of protocols (EPAS specifications) to spec-
ify the interaction of electronic payment
terminals with other systems in the card
payment value chain.
Scope
The scope of the EPAS card payment
messages is within the Acceptor (mer-
chant)-to-Acquirer (bank) domain for
POI transactions. The goal of the proposed
message standardisation process of EPAS is
Karsten:JSC page.qxd 08/06/2012 10:31 Page 89
to cover the whole POI card payment
transactions environment located upstream
or downstream of the Acceptor-to-
Acquirer domain. One of the objectives is
to allow an Acceptor and an Acquirer to
exchange POI card payment-related mes-
sages either directly, or through one or
more Intermediary Agents (IAs) located
on the path of the exchange. The EPAS
CAPE Business Justification does not
cover the Acquirer-to-Issuer domain. It is
left to other industry stakeholders to
submit an ISO 20022 Business
Justification within this specific card busi-
ness domain.
Protocols
The aim of EPASOrg is to overcome the
present fragmentation in the European
cards market through the development of
common state-of-the-art protocols to be
used by the POI and their widespread
implementation. These include an
Acquirer protocol that relates to the
interface between a card payment termi-
nal (or software) and the acquirer’s host
system. The CAPE ISO 20022 Business
Justification also allows for the develop-
ment of messages for standardisation for a
Retailer protocol, ie messages between a
POI system and the cash register or sales
system for large multi-lane retailers, as
well as for a Terminal Management
System protocol for remote updating of
POI parameters, software and crypto
keys.
ISO 20022 methodology
The initial aim of the EPAS consortium
was to foster interoperability in card pay-
ments protocols and to develop card-based
ISO 20022 protocols based on open, non-
proprietary and common interoperable
standards. To ensure compatibility with the
latest technological standards, it was
decided that the EPAS protocols would be
based on the ISO 20022 methodology for
Bruggink, Karsten and de Meijer
its data modelling and the development of
detailed technical specifications.
Compatibility
The compatibility issue with current stan-
dards was identified as a specific business
requirement by the EPAS Consortium at
the very beginning of its work. It consid-
ered it a prerequisite for ensuring a
smooth migration from current syntaxes
such as ISO 8583 to ISO 20022 and vice
versa. The EPAS Consortium actually
ensured — throughout the design and
development phases of the messages —
that an adequate level of compliance with
existing messages (such as ISO 8583)
could be verified. The CAPE messages
were designed and developed to maintain
consistency with the current ISO 8583
standard — especially at the business
process level where elements of ISO 8583
are mapped into ISO 20022.
Present state
The submission of messages by EPAS for
the first area, Acceptor-to-Acquirer POI
messages, has now completed all its
approval stages. EPASOrg announced by
the end of 2010 the endorsement and
dissemination of the first universal series
of ISO 20022 card payment standards
messages (ISO 20022 CAPE) to be used
between a merchant and a bank for card-
initiated payment transactions (Acquirer
protocol). This new universal standard
would replace the present numerous
specifications developed on a country or
payment scheme basis. Also, the TMS
protocol (relating to the interface
between card payment and the system
used to manage them remotely) has been
approved.
ATICA (Acquirer-to-Issuer Card
Messages)
The ATICA (Acquirer-to-Issuer Card
Messages) initiative — under the responsi-
Page 89
Karsten:JSC page.qxd 08/06/2012 10:31 Page 90
The European cards environment and ISO 20022
bility of ISO/TC68/SC7/WG9 (WG9)
— is to investigate the business case for
using ISO 20022 and its toolbox for the
development of messages in the card pay-
ment industry. WG9 consists of various
representatives from the industry.
Scope
WG9 has been formed to work on card
messages in the domain of Acquirer-to-
Issuer message exchange — the domain
already covered by the existing standard
ISO 8583.WG9 suggests a scope including
(but not limited to) financial transactions
such as presentment, reconciliation
between and among financial institutions,
and other functions that represent more
than the traditional card transaction
domain.
Goals
ATICA will seek alignment of CAPE and
CCPAY, whereby STP is a key require-
ment. ISO 8583 will be maintained (for
the time being) by the WG9 Cards and
related retail financial services, as the foun-
dation of most card messaging, taking into
account the current business needs. It is an
important consideration that both stan-
dards, ISO 8583 and ISO 20022 should be
able to co-exist.
Reverse engineering
One of the main tasks is to initiate the
reverse engineering of ISO 8583 messages
into ISO 20022 XML models and reposi-
tory. For that purpose, WG9 will specify a
common interface by which retail finan-
cial and non-financial transaction card-
based messages can be interchanged in the
Acquirer-to-Issuer domain as specified in
ISO 8583.
WG9 was asked, relating to the imple-
mentations of ISO 8583, to identify the
elements that can then be reverse engi-
neered into ISO 20022 models. WG9 is
capturing the business processes currently
Page 90
addressed by the card environment
(including those currently addressed by
ISO 8583), thereby utilising the ISO
20022 methodology. Also, WG9 analyses
ISO 8583 in order to define and to con-
tribute to harmonised business and mes-
sage components into the ISO 20022
repository. It is this aspect of the work
that will be critical to the effective
reverse engineering of the ATICA mes-
sages.
Co-existence
WG9 will need to define a co-existence
and migration plan for ISO 8583 once
the submission ISO 20022 model and
messages are complete. As far as possible,
the submission to ISO 20022 should
therefore contain the core elements of
ISO 8583 messages (changes to the ISO
20022 model approved by the Cards SEG
will not automatically generate to the
ISO 8583 message equivalent. It will be
up to SC7 WG Cards and related finan-
cial services to propose an update of ISO
8583). The key role of WG9 and the
Cards Technical Group that follows it will
be to protect the core functionality of the
ISO 8583 messages. Current messaging
between the acquirer and issuer uses var-
ious interpretations of the ISO 8583
standard, but essentially follows the same
business processes. Retailers and proces-
sors will not welcome a new standard
that radically changes the established
business processes no matter what the
advantages are in terms of richness of
data.
The intention is to offer users of ISO
20022 XML in the cards industry — such
as financial institutions and card service
providers that wish to take advantage of
card payment methodologies and tech-
nologies and streamline their business
processes around ISO 20022 — a migra-
tion path from their current authorisation
and settlement systems to a common ISO
Karsten:JSC page.qxd 08/06/2012 10:31 Page 91
20022 platform in order to leverage their
investment in payments infrastructure.
Present state
The business justification was endorsed by
the Cards SEG in October 2009. The date
of delivery of candidate messages was
planned for the second quarter of 2010.
The current status is that the first draft is
expected mid-2012.
The Berlin Group: CCPAY
The Berlin Group — at first initiated by
major domestic card payment systems but
now consisting of mayor players in the
cards industry — is a European standardisa-
tion organisation that is fully separated from
EPAS CAPE and other European standard-
isation initiatives. For authorisation, The
Berlin Group presents a standard based on
ISO 8583. Regarding ISO 20022, the
Berlin Group intends to specify common
messages to be used in the clearing and set-
tlement of card transactions: CCPAY (Card
Clearing Payment Messages).
Scope
The Berlin Group proposes open stan-
dards in the Acquirer-to-Issuer domain.
Standardisation activities focus on defining
technical payment messages for cards
clearing based on ISO 20022 and using
payment business models. This develop-
ment will cover the payment initiation
(pain) messages (Acquirer-to-Acquirer
bank), as well as the inter-bank payment
clearing and settlement (pacs) messages.
The Berlin Group believes that a pay-
ments-focused development of ISO 20022
card-clearing messages, rather than an ISO
8583 re-engineering-focused approach
like that of ATICA, is needed in order to
realise the synergies in terms of end-to-
end processing.
Goals
The purpose of The Berlin Group is to
Bruggink, Karsten and de Meijer
create card-clearing messages based on the
business and message models of the exist-
ing SEPA payment messages within the
ISO 20022 financial repository (in addi-
tion to the ATICA approach). Further
analysis has identified that the clearing
infrastructure used to process the ISO
20022-based SEPA payment instruments
can also be used to clear and settle card
transactions through analogous messages
and formats.
Approach
Since 2008, The Berlin Group has been
working on a payment model and a mes-
sage format for the clearing of card trans-
actions based on ISO 20022 payment
messages like ‘pain’ and ‘pacs’ messages.
The CCPAY approach is to use a pay-
ment-like approach for the clearing and
settlement of card transactions, re-using
the ISO 20022-based clearing infrastruc-
ture built up for the SEPA payment
schemes SCT and SDD.
While the ISO 20022 repository is
fully sufficient for the clearing process
between the Debtor Bank and Creditor
Bank itself (inter-bank), and for card
transactions, more data elements are
required to transport card transaction-
related data from the Acquirer to the
Issuer or their respective reference parties
(ie the Cardholder and the Card
Acceptor): for the account management
of the bank customers for example; or for
internal reconciliation and dispute man-
agement between the Acquirer and the
Issuer. The extension of the Direct Debit
message types will be needed for pulling
clearing mechanisms, while Credit
Transfer messages will be needed for
pushing clearing mechanisms like for
card-based credits or certain merchant
refunds. R-Transaction messages will be
needed in the case of direct debits and
credit transfers. In total, ten new messages
will be needed for CCPAY.
Page 91
Karsten:JSC page.qxd 08/06/2012 10:31 Page 92
The European cards environment and ISO 20022
Adoption Scenario
The Berlin Group is working on a dual
solution:
• Short term: SEPA Cards Clearing
Framework operational rules and
implementation guidelines based on
data inspired by ISO 20022 and SDD
messages;
• Long term: Align the short-term solution
with the results of the business justifica-
tion process acceptance of the ISO
20022 (full XML).
Present state
While adoption of ISO 20022 by the
whole cards industry is a long-term
objective, in order to obtain the benefits
of the new standard, The Berlin Group
issued the final specification for a short-
term solution in 2010. That solution
relies on the pain and pacs messages in
place today for the SEPA Direct Debit
messages. For this solution, the main
information on involved parties and
amounts to be cleared is contained in the
payment data elements already provided
by the ISO 20022.
In addition, specific card-transaction
data, such as that needed for dispute man-
agement like EMV data, is contained
within the unstructured remittance infor-
mation. These data will be ISO-TLV
encoded in the unstructured remittance
information like the EMV data in ISO
8583-based authorisation or clearing mes-
sage formats. The short-term SEPA Card
Clearing solution is intended to be imple-
mented as soon as possible. The German
banking industry has already started an
implementation project for the short-term
SEPA Card Clearing formats, as a full
XML encoded ISO 20022 solution is not
available in time for the SEPA market
needs in Germany. Other markets or
cooperation partners of the German bank-
ing industry in Europe are expected to
follow this implementation.
Page 92
CARDS ENVIRONMENT:
STAKEHOLDERS, THEIR INTERESTS
AND POSITIONS
Within the cards environment, there are a
large number of stakeholders, each with
their specific role, interest, involvement
and especially, influence on the process of
providing input on standardisation. The
common interest of all these stakeholders
will in the end determine the viability and
success of the business case for ISO 20022
as the standard format for the European —
and potentially global — cards industry.
Card schemes
The card schemes3 are among the key
players in the cards environment. SEPA
requires unbundling between the scheme
on the one hand, and the processing or
infrastructure on the other. In an unbun-
dled cards world, schemes will impose
only the requirements for the Acquirer-to-
Issuer domain. As a result, the processors
would have the freedom to decide what
standards to use there. In the present cards
world, the actual standards to be used are
still being prescribed by the various partic-
ipants in the value chain. The schemes
have certain mandates for the Acquirer-to-
Issuer domain, while in the Acceptor-to-
Acquirer domain, the standard used results
from the decision of the acquirer based on
the requirements of the merchant, where
there is a chance that the acquirer will
follow recommendations from the
schemes.
The migration from local or propri-
etary standards to open, and hence
regional (or global), standards increases the
need for interconnectivity and interoper-
ability in this domain, requiring the effi-
cient co-existence of standards.
Schemes monitor, or are actively
involved in, the standardisation process.
For example, this may be through active
participation in various ISO 20022 bodies.
Their influence on standardisation is con-
Karsten:JSC page.qxd 08/06/2012 10:31 Page 93
sidered medium to high. A key risk related
to schemes is that if they continue to use
their proprietary standards, it will not lead
to the SEPA ambition of the elimination
of technical and operational barriers
between countries and schemes.
Terminal vendors
Terminal vendors have to implement stan-
dards that are set by the various (local)
schemes facilitating card acquirers or their
processors. The interest of these vendors in
the standards discussion is that they sell
many different terminals that have to sup-
port a broad range of standards. Terminal
vendors are followers in the whole
process, but do monitor progress and can
be actively involved in submitting propos-
als (for example, by participation in
EPASOrg for the Acceptor-to-Acquirer
domain). Their influence in the standardi-
sation discussion is considered to be
medium as they are an important stake-
holder with indirect involvement. The
costs of terminals determine a major part
of acceptance network investments. The
impact of the decision on standardisation
could be significant. A common and open
standard can reduce terminal costs, as they
can then be produced in larger volumes
and will enable efficient STP. However,
more standards could make the cards
ecosystem more complex, and as a conse-
quence more costly. New standards can
bring new options and functionalities,
which may generate investment for new
terminals.
Banks
As issuers and acquirers, banks are involved
in the standardisation process. They are
influential decision makers because they
will have to implement product and serv-
ices on agreed standards. For them, a viable
business case for ISO 20022 is of impor-
tance in terms of day-to-day costs, volume
and market profit. Standardisation via open
Bruggink, Karsten and de Meijer
standards would enable easy entry to new
markets. It would also contribute to effi-
cient STP. Banks’ involvement in the
process of self regulation for standards is via
the EPC. Though they are not leading in
the development of standards, they set the
high-level requirements for the cards indus-
try within EPC and the CSG. Some banks
participate actively in ISO 20022 forums.
Retailers
As retailers are the intrinsic acceptors of
standards, the importance to them of fur-
ther standardisation is high. Their interests
are the development of pan-European
card acceptance, the full acceptance by the
industry of an open standard, STP and, as a
consequence, low costs. Being major
clients for acquirers and card brands, retail-
ers are important stakeholders in the cards
environment. Their importance is high, as
they can drive the market or stop market
change if they see no value from higher
costs. The increasing costs of investment in
new terminals could cause retailers to
postpone (as opposed to stop) the replace-
ment of their existent ones. This could
decelerate the standardisation process.
Processors (switches)
Cards processors that operate a network
switch between acquirers and issuers (that
includes clearing and settlement) have to
implement standards. They are followers,
and should follow up what the schemes
they support impose. They are very much
interested in STP. Their interest is to
attract or keep as many as possible transac-
tions through efficiency and full accept-
ance of brands and schemes. Ideally, they
are advocating one global or regional stan-
dard using the fewest possible different
infrastructures or platforms. That would
enable efficient STP because fewer con-
versions are needed. In addition, new
requests would be more easily understood.
These processors keep a watching brief
Page 93
Karsten:JSC page.qxd 08/06/2012 10:31 Page 94
The European cards environment and ISO 20022
Figure 2 COMPETITIVE MARKET
REGIONAL/GLOBAL TRANSPARANCY
Competitive market
regional/global VENDORS
transparency
COMPETITION BETWEEN SCHEMES
SCHEME
STANDARDS
INNOVATION
CREATING MARKET SHARE
SCHEMES
and are actively involved in setting stan-
dards as experts. A good example is The
Berlin Group. Their influence is consid-
ered to be low-to-medium.
Regulators
Notwithstanding the lack of legislation,
regulators play an influential role in the
European cards standardisation discussion
by creating better understanding and
transparency (Figure 2). The ECB supports
the SEPA Cards Framework and for them,
the importance of standardisation to create
a single cards market with open market
access is high. Although they expressed
their preference for open and global stan-
dards, it is (until now at least) up to the
market to provide a solution. Regulators
play a key role, as they can drive industry
change. European regulators are condi-
tional in the sense that they deliver impor-
tant requirements of a future cards
framework. If market participants are not
decisive enough, the regulators could
speed up the process via regulation.
Other players
Other players such as acquirer processors,
cash-register vendors and other vendors
Page 94
REGULATORS
RETAILERS
ISO STANDARDS
NEW MARKET FUNCTIONS
OUTSOURCING
MORE OPEN REGIONAL STANDARDS
BANKS
PROCESSORS
play a less important role in the standardi-
sation discussion and process. As a fol-
lower, they have to implement agreed
standards.
From this, it can be understood that the
forces delivering the governance of indus-
try standardisation differ markedly in size
and position. Also, schemes take in a default
industry standardisation role by mandating
proprietary standards on chip (EMV), and
on security (PCI-DSS),4 all in cases based
upon and sometimes ‘in competition’ with
ISO standardisation initiatives. For exam-
ple, the EMV standard is a proprietary
standard mandated by most card schemes
while there is an ISO standard — ISO
9992-1 (1990) ‘Financial transaction cards
— Messages between the integrated cir-
cuit card and the card accepting device’ —
that covers chip-based transactions. For
PCI-DSS there is the ISO alternative ISO
27001 Information Security.
Compared with payments, the SEPA
payment rulebooks are open standards for
all within the industry. Considering the
varied initiatives on cards standardisation,
there are a number of challenging ques-
tions. How will these affect the business
case and management of the standards?
Karsten:JSC page.qxd 08/06/2012 10:31 Page 95
How can ISO 20022 stay in touch with
the dynamics of the industry needs of
schemes and banks so that new initiatives
do not become proprietary as was the case
with ISO 8583 (87/93)? Which is the best
way to manage business-driven change
requirements within an allotted imple-
mentation time? Will the ‘Apple platform’
become the future model with a propri-
etary environment that is not interlinked,
or is it the Google platform with an ‘open’
standard for multiple parties that is a future
option? What about membership and
compliance with open standards, or that
for new mobile payments?
Compliance with open standards
Compliance with open standards addresses
the area of scheme standards and ISO stan-
dards that are the input for processing. The
schemes define business rules and regula-
tion for Acquirers and Issuers. Following
these business rules, schemes also define
specific technical requirements and system
functionality for processing based on open
ISO standards and on Scheme standards.
This combination is more or less propri-
etary or governed by schemes. For com-
pliance with open standards, business rules
and regulations are input for open stan-
dardisation on ISO and Schemes together
in order to attain efficient and effective
STP processing.
IS THERE A BUSINESS CASE FOR
CARDS AND ISO 20022?
In order to be effective, a new card stan-
dard (or standards methodology) must
fulfil future market and business needs and
functional requirements for interoperabil-
ity, convergence and co-existence. For a
business case, for ISO 20022 to be viable it
is important that the new standards will be
beneficial for all stakeholders involved. A
sound and viable business case for ISO
20022 in the cards industry should be
Bruggink, Karsten and de Meijer
based on market demands for realising
industry efficiency, new functionality and
progressive use of the new options. ISO
20022 is seen as a credible and long-term
alternative to ISO 8583, and as a viable
strategic option for future card/retail stan-
dardisation. ISO 20022 could overcome
the constraints of ISO 8583 messages, as it
is flexible and expandable. It is the whole
modelling and structure of ISO 20022
messages that provides flexibility to
expand message components. This univer-
sal and common flexible framework pro-
vides the financial industry with a
common platform for the development of
message sets according to an internation-
ally agreed approach.
Negatives of changing over to ISO
20022
Notwithstanding the various advantages of
ISO 20022, there are still a number of
negative considerations that might affect a
quick adoption of ISO 20022 methodol-
ogy for cards in Europe. First of all, the
existing and widely-used first versions of
ISO 8583 have proved highly flexible over
the years for new functionality in propri-
etary fields (EMV, global, debit, credit and
petrol etc), but could not catch up with
new versions (2003). On top of that, the
implementation of a new standard takes a
long time. And there are the high legacy
costs, as well as the costs involved with
implementation. Card schemes such as
MasterCard and Visa and their clients have
already invested in ISO 8583 (1987) and
easy global conversion systems.
General benefits
While relatively high costs may be
expected for the implementation of the
new standard — and it may take a long
time to be adopted by the whole industry
— it would make the market for process-
ing cards more reliable and efficient.
Because the ISO 20022 standards were
Page 95
Karsten:JSC page.qxd 08/06/2012 10:31 Page 96
The European cards environment and ISO 20022
approved only five years ago, its inherent
architecture provides some essential ben-
efits. Normally, migration from old to
new standards is not easy. However, ISO
20022 migration is completely different.
ISO 20022 provides short-term co-exis-
tence and long-term convergence objec-
tives and is designed to allow users to
implement standards better, cheaper and
faster.
Longer term savings are expected for
the cards industry as a whole as a result of:
• the convergence process with the
whole card payments value chain
including credit transfers, direct debits,
clearing, settlement, card payments;
• the availability of lower cost ‘off the
shelf ’ flexible software solutions, which
can result in reduced IT costs;
• the simplification of fraud and card
back-end processes and increased STP.
Increased STP
ISO 20022 can play a unique role in
enabling business process automation
across the financial industry. It may prove
to be a quiet revolution in the STP goals
of an industry in search of faster, cheaper
high-quality data and the higher confi-
dence, lower risk operating environment
that results from it. ISO 20022 considers
the underlying business processes rather
than being just a message-centric
approach. It covers all financial messages
and allows participants to use the same
language for all their financial communi-
cations. The use of ISO 20022 will facili-
tate end-to-end needs from POI to cash
reporting. It will allow interoperability
between different card and payment
instruments, and will bring overall cost
efficiency end-to-end.
CHALLENGES
There are still a number of challenges for
Page 96
the card industry to meet in order to
realise the required harmonisation of stan-
dards in the SEPA area. There is the issue
of market acceptance. Will the proposi-
tions meet the requirements of the various
players in the cards environment and pro-
vide an overall business case? Are the vari-
ous players willing to implement ISO
20022? Another issue is whether standard-
isation will provide new market opportu-
nities and new business? In addition,
should cards standards’ harmonisation be
limited to the SEPA zone, or should it be
enlarged to the global system (as the cards
industry is becoming a global industry
with some local solutions)? Finally, there is
the challenge of synchronisation in propri-
etary standards and open scheme stan-
dards, open ISO standards on market
change and the delivery of business solu-
tions along the chain.
Market acceptance
Creating standards for the card industry is
one necessity, but gaining market accept-
ance and implementation are also key
requirements. It will be a real challenge,
given the various players in the card envi-
ronment and the different needs and
requirements of stakeholders such as retail-
ers, merchants, issuer banks, and acquirer
banks in terms of costs, ease, and security.
ISO 20022 is an open standard that relies
on the strength of industry collaboration
and that disciplines the processes of stan-
dards governance. To realise the full bene-
fits of adopting ISO 20022, the industry
must engage across the board. In turn, that
requires a firm grasp of the principles gov-
erning this methodology. This is not a
one-time market-acceptance step.
Longer-term governance will also
require the close monitoring of STP
implementation, bringing user-group
requirements on solutions within range of
market needs, and supporting all players in
the industry with tools and best practices.
Karsten:JSC page.qxd 08/06/2012 10:31 Page 97
How will the partnership between ISO,
the Schemes, the banks and other stake-
holders evolve? Is this an ad hoc approach,
or is this streamlined for fast market and
business needs? One of the key questions
here is which stakeholder should take the
first step in implementing ISO 20022 in
order to ensure a catalyst effect for the
overall acceptance throughout the whole
cards value chain. At the moment, the
cards environment is in equilibrium with
respect to investments required to main-
tain this environment. Migrating to ISO
20022 will disturb this equilibrium as
investments are required for all involved.
It means that if participants start to
develop a business case, they will have to
cater for many dependencies on the
actions of the other stakeholders involved.
This makes it even more complex for the
first mover.
Growing card market
The new modernised architecture of cards
standards — with the use of a universal set
of global business rules and messages —
can boost the card payment acquiring
market for retailers and banks in terms of
increased STP throughout the whole cards
value chain. In addition, it can boost the
end-to-end provision of transaction data
and provide efficiencies through STP. It
gives new space for future market solu-
tions, faster end-to-end sales and pay-
ments, and wider usage of cards, with the
option of starting with local key solutions
based on a global standard. This will bring
further smooth market growth in global
market needs for users such as regional or
global banks and retailers. It will also pro-
vide market growth and lower average
transaction and service costs for the indus-
try. This will ensure that all transaction
data is available throughout the whole card
value chain, offering opportunities for data
extraction in terms of management infor-
mation and other data-mining.
Bruggink, Karsten and de Meijer
Regional or global?
From a competition point of view, should
the focus of standardisation be on SEPA or
Europe as a region — or should it be
enlarged to the global ecosystem? While
the issue of standardisation has been
addressed with a relatively high level of
urgency within Europe, it will nevertheless
become a major priority in the years to
come for worldwide and region-wide
payment schemes, as well as for card
acceptors and acquirers, because of the
emergence of global standards such as
EMV. This could contribute to the cre-
ation of a worldwide level playing field
among these participants (banks and
acceptors) and will increase competition.
According to the Eurosystem, to meet the
requirements of European stakeholders,
there is strong need for direct and coordi-
nated involvement of the EPC in the
world of global card standardisation
bodies. The need is not only for standard
setting, but for management and industry
best practices up to regional and global
implementation on current and future
market developments: therefore governing
regional needs and solutions in a global
cards (and mobile) ecosystem.
Synchronisation of standardisation
The full enabling of a global/regional open
standard that can generate market growth is
conditional on a fully global and regional
acceleration of market development and
innovations, and requires synchronisation
with individual standards so as to stay and
remain STP end to end. Synchronisation in
proprietary standards and open scheme
standards, open ISO standards on market
change and the delivery of business solu-
tions along the chain are required. In other
words, the full industry-standardised opera-
tion environment for all stakeholders
should be aligned. An ad hoc synchronisa-
tion by individual market forces, or syn-
chronisation by the aligned management of
Page 97
Karsten:JSC page.qxd 08/06/2012 10:31 Page 98
The European cards environment and ISO 20022
respective industry bodies is preferred for
the kernel of open standards providing syn-
chronisation and STP in developments
within the full global or open market card
chain.
AUTHORS’ NOTE
This paper is the view of the authors and is not
necessarily representative of any other views on
the subject.
REFERENCES AND NOTES
(1) ATICA is not an implementation
standard as such. Any card scheme does
not have to use the entire set of
messages to conduct their business.
There are many optional data elements
that could be made mandatory if
required by a particular scheme.
(2) At the time ISO 20022 was developed,
Extensible Mark-Up Language, or XML,
was already the preferred syntax for
communication. Early in 2000, the
industry had already moved to the single
common XML-based language.
(3) A card scheme is a technical and
commercial and technical arrangement
set up to serve one or more brands of
cards which provide the organisational,
legal and operational framework
necessary for the functioning of the
services marketed by those brands (ECB
Glossary, see: http://www.ecb.int
/home/glossary/html/glossc.en.html).
(4) The Payment Card Industry, Data
Security Standard (PCI DSS) is a set of
comprehensive industry requirements,
established by the card schemes and
enforced by the PCI Security Standards
Council. The standard has been designed
to protect card-holder data wherever it is
stored, processed or transmitted. While
achieving compliance with the standard
will not prevent a serious data breach, it
will provide the foundations of good
data management and an increased
awareness of card data and its value,
helping to reduce the likelihood of an
incident.
Page 98
SOURCES
ATICA (2009) Business Justification for the
development of new ISO 20022
Financial Repository Items’, ISO,
Geneva, available at:
http://www.iso20022.org/documents
/BJ/BJ044/ISO20022BJ_ATICA_v4
_with_comments.pdf
The Berlin Group CCPAY (2010) Business
Justification for the development of new
ISO 20022 Financial Repository Items,
ISO, Geneva, available at:
http://www.iso20022.org/documents
/BJ/BJ051/ISO20022BJ_CCPAY_v4
_with_comments.pdf
EPAS Consortium (2009) Business
Justification: For the update of the
UNIFI (ISO 20022) Financial
Repository, 28th April, available at:
http://www.iso20022.org/documents
/BJ/BJ020/ISO20022BJ_CardPayments
Exchanges_ASN1_with_comments.pdf
EPASOrg (2010) ‘EPAS Acquirer protocol:
First universal ISO 20022-card standard’,
EPASOrg, Brussels, 18th November,
available at: http://www.itea2.org
/epasorg_standard
European Payments Council (2008)
‘Questions and Answers Clarifying Key
Aspects of the SEPA Cards Framework’,
EPC, Brussels, available at:
http://www.europeanpayments
council.eu/knowledge_bank_detail.cfm?
documents_id=132
European Payments Council (2009) ‘Get
Involved! — EPC establishes the Cards
Stakeholder Group’, EPC Newsletter,
issue 3, July, available at:
http://www.europeanpayments
council.eu/article.cfm?articles_uuid=
82F2BCD0-E82D-7DAE-6C5DD1D12
77F5332
European Payments Council (2009) ‘Open
Letter regarding the Application of the
SCF to Three Party Schemes’, EPC,
Brussels, available at:
http://www.europeanpayments
council.eu/knowledge_bank_detail.cfm?
documents_id=227
European Payments Council (2009) SEPA
Cards Framework v 2.1, EPC, Brussels,
Karsten:JSC page.qxd 08/06/2012 10:31 Page 99
available at: http://www.european
paymentscouncil.eu/knowledge_bank
_detail.cfm?documents_id=330
European Payments Council (2009) ‘SEPA for
Cards: From Vision to Reality — EPC
takes forward its Cards Standardisation
Programme’, EPC Newsletter, issue 1,
January, available at:
http://www.europeanpayments
council.eu/article.cfm?articles_uuid=
A10F1401-E30C-BC06-BA43278DA0E
88F66
European Payments Council (2010)
‘European ATM Fraud Losses down 36
Percent — EMV rollout at ATMs in
Europe is helping to reduce skimming
losses in some SEPA countries’, EPC
Newsletter, issue 6, April, available at:
http://www.europeanpayments
council.eu/article.cfm?articles_uuid=
3EBDA5B6-CB2E-179D-211BE1EBB4
A0CE0C
European Payments Council (2010) Shortcut
to the SEPA Cards Framework, EPC,
Brussels, available at:
http://www.europeanpayments
council.eu/knowledge_bank_detail.cfm?
documents_id=340
European Payments Council (2010)
‘Standardisation is Key — Focus on
security requirements and a European
certification framework’, EPC
Newsletter, Issue 7, July, available at:
http://www.europeanpayments
council.eu/article.cfm?articles_uuid=
C68372B9-0E89-665F-D086B2AF186
B5095
European Payments Council (2011) Response
Template Public Consultation 2011
SEPA Cards Standardisation Volume —
Book of Requirements, EPC, Brussels,
available at: http://www.european
paymentscouncil.eu/other_documents
Bruggink, Karsten and de Meijer
_detail.cfm?documents_id=522
European Payments Council (2011) ‘Work in
Progress — The EPC approves update of
the SEPA Cards Standardisation Volume
and a new Resolution “‘Preventing Card
Fraud in a Mature EMV Environment”’,
EPC Newsletter, issue 9, January,
available at: http://www.european
paymentscouncil.eu/article.cfm?articles_
uuid=C70EC06B-BDA8-2F05-D0B5A1
F8445D51AC
European Payments Council (2012) SEPA
Cards Standardisation Volume — Book
of Requirements Version 6.0, EPC,
Brussels, January, available at:
http://www.europeanpayments
council.eu/knowledge_bank_detail.cfm?
documents_id=560
European Payments Council (2012) ‘Version
6.0 of the SEPA Cards Standardisation
Volume — Book of Requirements
Published — SEPA cards standardisation
continues to move forward’, EPC
Newsletter, Issue 13, January, available at:
http://www.europeanpayments
council.eu/article.cfm?articles_uuid=
692CB4F3-5056-B741-DBA44323B733
2B55
ISO (no date) ISO 20022 Newsletters,
available at: http://www.iso20022.org
/newsletter_archive.page
The OSCar Project (2011) ‘Paving the way
for achieving SEPA for Cards’, The
OSCar Project, 28th February, available
at: http://www.paycert.fr/IMG
/pdf/OSCar_presentation.pdf
SWIFT (2010) ‘ISO 20022 for Dummies’,
SWIFT, La Hulpe, October.
Vanobberghen, W. (2011) ‘EPAS: a new breed
of universal card payment standards’,
EPASOrg, Milan, 17th May, available at:
http://www.insic.it/eventi/payment2011
/relazioni/epasorg.pdf
Page 99