Personalization and Card Issuance. Bob Beer Vice President - Business Development Datacard Group June 4, 2002

Transcription

1 Personalization and Card Issuance Bob Beer Vice President - Business Development Datacard Group June 4, 2002

2 The complexity of multi-application cards and the need for process intense solutions 2

3 Multi- Process Solution 4 Platform Developer Provide ROM code for masking Provide Initial transport key Provide Platform Specification 6 Manufacturer KMA 5 Platform Specification Owner Provide Initial transport key (OP) Provide API Specification 3 IC Manufacturer 11 Platform KMA Provide Initial transport key (MULTOS) 14 Card Enabler 9 Developer Provide Initialised Chips Provide Card Enablement data/keys Provide (& AP Authorities (MULTOS)) Cards, Order Chips Request Card platform data Enablement data/keys and card keys (& AP Authorities (MULTOS)) 2 Card Manufacturer 12 Cardholder Order Cards Provide Cards Provide Card 1 Card Issuer Provide Load / Delete Request Load / Delete Request Authority to load / delete to specific cards Provide Authority to load / delete to specific cards, CRN 13 Loader Provide Enabled cards Provide Security Domain keys & data (OP) Provide Load files / units 7 Request Load files / units Provider Provide Keys Confirm load / delete Request details Keys Provide Load files / units & keys, & personalisation data, CRN Provide Specify Code Requirements 10 KMA 8 Owner 3

4 X3 Multi- Process Solution IC Manufacturer Provide Initialised Chips 2 X 4 Platform Developer Provide ROM code for masking Provide Initial transport key Card Manufacturer X12 Cardholder Provide Cards Provide Card 11 Card Issuer Provide Load / Delete Request Load / Delete O Provide Platform Specification 6 Manufacturer KMA Provide Initial transport key (MULTOS) Platform KMA X X Provide Card Enablement data/keys O Provide (& AP Authorities (MULTOS)) Cards, Order Chips Request Card platform data Enablement data/keys and card keys (& AP Authorities (MULTOS)) Provide Enabled cards Order Cards 1 Request Authority to load / delete X13 Domain keys & data (OP) Provide Load files / units 7 Request Load files / units Provide Keys to specific cards Provide Authority to Provider load / delete to specific cards, CRN X Confirm load / delete Request details Keys Provide Load files / units & keys, & personalisation data, CRN Loader 5 Platform Specification Owner Provide Initial transport key (OP) 14 Card Enabler O Provide Security O Provide API Specification X 9 Developer Provide Specify Code Requirements 10 KMA 8 Owner O 4

5 CUSTOMER SYSTEM SCMS CMS POST- ISSUANCE ISSUANCE SYSTEM Provider Collator Terminal network Pre-Processing 5

6 Perso and Issuance Components 1. Customer 5. SCMS 6. Post- Issuance 4. Issuance 7. Terminal Network 3. Data Collator 2. Pre-Processing 6

7 Perso and Issuance Components 1. Customer 2. Pre-Processing 3. Data Collator 4. Issuance 5. Smart Card Management 6. Post-Issuance Delivery 7. Terminal Network 7

8 What is it? 1. Customer The customer system is what a card issuer currently has in place for managing card production. Where does it fit? The customer system is generally the beginning of the data flow for daily operation. 8

9 1. Customer 1. Customer 5. SCMS 6. Post- Issuance 4. Issuance 7. Terminal Network 3. Data Collator 2. Pre-Processing 9

10 1. Customer Why do I need it? The Customer provides the basis for individual records (name, address, account #) and provides the input to the pre-processing system and an interface to the SCMS from the customers existing system. FAQ s: Will a smartcard management system replace my current CMS? How does my call center interface with a smartcard management system? 10

11 2. Pre-Processing What is it? The generation and preparation of data elements specific to the application(s) and card platform. Data elements may be static (issuance), dynamic (personalized), or both. Where does it fit? The pre-processing is upstream from card issuance (or post-issuance) and downstream from cardholder data capture from the customer system. 11

12 2. Pre-Processing 1. Customer 5. SCMS 6. Post- Issuance 4. Issuance 7. Terminal Network 3. Data Collator 2. Pre-Processing 12

13 2. Pre-Processing Why do I need it? Streamline operations, simplify the manufacturing process, and provide flexibility to the solution. Reduce impact to Host Computing FAQ s: Do I need a separate Preprocessing system or can I do this in my mainframe? If I m going to a 3rd party provider, do I care about pre-processing? 13

14 What is it? 3. Data Collator The data collator system assembles perso data packets that are application specific together into a single record per card to drive smartcard personalization. Where does it fit? Data collation is prior to card issuance and after the pre-processing of the card data. Needs to be network accessible by issuance systems and the Card Management. Generally, this is located within a secure environment. 14

15 3. Data Collator 1. Customer 5. SCMS 6. Post- Issuance 4. Issuance 7. Terminal Network 3. Data Collator 2. Pre-Processing 15

16 3. Data Collator Why do I need it? The Collator function is to assemble perso data from external application providers who may not be willing to provide the formulas or information to the issuer directly so that data can be generated. The Collator also performs a decollation function that takes audit info from the Issuance process and sends it back to the application provider. 16

17 FAQ s: 3. Data Collator Is this different from an Management (AMS)? 17

18 What is it? 4. Issuance The hardware and software system that provides for loading and personalization of the smart card. Where does it fit? The preprocessed and collated data elements are loaded onto the card. This can be a standalone single card issuance (reader) or high volume central issuance system. 18

19 1. Customer 4. Issuance 5. SCMS 6. Post- Issuance 4. Issuance 7. Terminal Network 3. Data Collator 2. Pre-Processing 19

20 Why do I need it? 4. Issuance It is necessary to place all data elements on the surface of the card, as well as on the chip. Following perso, it provides information only available during card perso back to the SCMS and customer system. FAQ s: As an issuer, what must I have to issue a multiapplication EMV smartcard? How long does it take to personalize a smartcard? 20

21 5. Smart Card Management What is it? The smartcard management system manages all the smartcard specific data elements NOT managed in the customer system. This generally includes: application and card profiles chip data specific to the cardholder lifecycle card management cardholder registration Where does it fit? Acts as a hub to all smartcard processes. 21

22 5. Smart Card Management 1. Customer 5. SCMS 6. Post- Issuance 4. Issuance 7. Terminal Network 3. Data Collator 2. Pre-Processing 22

23 5. Smart Card Management Why do I need it? Lifecycle management Card and application registrations Post-Issuance FAQ s: Is key management a function of SCMS? Can I perform post issuance on my cards without an SCMS? 23

24 6. Post-Issuance Delivery What is it? The interface point for real-time remote access via the internet, mobile access and kiosks. Where does it fit? Follows issuance and requires strong infrastructure with pre-processing network and SCMS. 24

25 6. Post-Issuance Delivery 1. Customer 5. SCMS 6. Post- Issuance 4. Issuance 7. Terminal Network 3. Data Collator 2. Pre-Processing 25

26 6. Post-Issuance Delivery Why do I need it? This is the ability to real-time remotely update cardholder application data or add / delete new applications on a multi-application smartcard. FAQ s? Is there a standard? Is Post-Issuance possible today? 26

27 7. Terminal Network What is it? The network touchpoint back into the business system infrastructure for data capture, clearing and settlement via batch type transactions. Where does it fit? This is a post-issuance function that is ongoing throughout the lifecycle of the multiapplication smartcard. 27

28 7. Terminal Network 1. Customer 5. SCMS 6. Post- Issuance 4. Issuance 7. Terminal Network 3. Data Collator 2. Pre-Processing 28

29 7. Terminal Network Why do I need it? To provide independent business systems a mechanism to communicate with the postissuance smartcard infrastructure. FAQs: Does the SCMS need direct interface to terminal networks? Does this require significant integration effort? 29

30 GlobalPlatform GlobalPlatform has defined an interoperability infrastructure on which this is based GlobalPlatform is a cross-industry body with strong representation by the Vendor and Issuer community 30

31 GlobalPlatform Membership 31

32 Open Forum - Questions and Answers