SMARTPAY-EMV-M/PAD terminals

Software for NURIT POS terminals has been developed on the basis of the Scantech-Kernel-EMVApp Version 1.0 application (EMVCo Terminal Level 2 certificate N 21645 0703 400 20 DEL). It provides simultaneous acceptance of SmartPay cards, international magnetic stripe cards and EMV cards, and has been certified to work with the Way4 (OpenWay) and TranzWare (Compass Plus) systems. MasterCard M/PAD specifications are implemented on NURIT POS terminals.

Personalization of MPCOS-EMV R5 cards with SmartPay and M/Chip 2.1 applications

A personalization system has been developed for MPCOS-EMV R5 cards carrying two payment applications, SmartPay and M/Chip 2.1. Both applications are written to the card within the same personalization cycle. A CIM embosser with a smart card reader/writer is used as the personalization device. Data preparation for personalization of the M/Chip 2.1 application is provided by the TranzWare system of Compass Plus. For the SmartPay application, the following will also be possible:

taking individual application wallets (from 1 to 7) out of or into service;
modification of wallet parameters (currency, maximum balance, etc.);
extension of the payment application, i.e. dynamic addition and subsequent use of data that is not directly related to the payment operation but is needed to provide additional services (utility payments, etc.).

Working with external systems

All ATMs and SmartPay card service points provide a service for paying third parties (mobile operators, insurance companies, cable TV studios, etc.), including invoices that require additional details. These payments are accepted both online and offline.
The SmartPay system is integrated with payment centers that collect and process information about utility payments (in particular, the “CITY” system).

Accepting cash (cash-in)

Cash can be accepted with online crediting to a card or card account. This feature is implemented on ProCash 3100 ATMs and at PC-based bank cash desks that operate online.

Commission fee

The acquirer is provided with a flexible mechanism for determining the amount of commission. The commission amount can be defined as: 1) a percentage of the payment amount; 2) a percentage of the payment amount within established limits; 3) a fixed amount. Different commission amounts (and types) may be set for different payment types.

SMARTPAY credit cards

For online crediting at ATMs and at the bank’s cash desks, the credit card holder can independently determine the amount to be deposited to the card within the maximum credit limit. For ATMs and bank terminals, an additional function, “end of the loan agreement”, has been introduced, which allows credit card holders to pay off their current debt to the bank. A card whose repayment term has expired may be temporarily blocked by the issuing bank; on such cards only cash-acceptance operations are temporarily allowed.

General description of the SmartPay system

Payment technology

The SmartPay non-cash payment system is based on a payment technology that uses cards carrying a pre-paid amount.
Each wallet on a payment card in the SmartPay system is linked to the cardholder’s card account. All card payments are made offline, within the limits of the amounts previously transferred to the card wallets from the corresponding card accounts. Each time the card’s wallets are used, the holder’s PIN code is checked, so for the holder the loss of the card does not mean the loss of the funds transferred to it.

Replenishment of payment card wallets in the SmartPay system is made within the balance of funds on the corresponding card account or from cash. Depending on the situation, the card top-up operation can be performed offline or online.
This technology suits regions with poor communication infrastructure as well as regions that are well provided for in this respect. For the former, it is the only way to implement a non-cash payment system using plastic cards. For the latter, it reduces the cost of telecommunications services and thereby increases the profitability of the project as a whole.
From a financial point of view, this payment technology, called “pre-authorized offline debit”, is attractive to both the issuer and the cardholder. On the one hand, reserving funds on the card account in the amount of the corresponding wallet balance insures the issuer against overspending on the card. On the other hand, funds transferred by the holder to the card continue to work for him, earning interest on the unclaimed balance of the card account.

SmartPay system information technology

In general, the structure, main functions and powers of the participants in the SmartPay payment system are as follows.
The transaction processing center (TPC) is the main participant in the SmartPay system. It provides centralized maintenance of the database of “shadow” accounts of payment card wallets, management and distribution of key information, collection, processing and accounting of transactions, and the formation and distribution of “black lists”. One processing center can serve several issuers.

The issuer is a member of the SmartPay system that directly issues payment cards and maintains and services the cardholders’ card accounts.
The acquirer is a member of the SmartPay system responsible for the installation and subsequent information maintenance of terminal devices (POS terminals, ATMs) that accept cards from the various issuers of the SmartPay system. Within its terminal network, the acquirer serializes terminal devices and loads them with the public (unclassified) card authentication keys, work tables, directories and lists used in the system (“black lists”, tables of currencies accepted by the terminal, and so on). The acquirer also collects, records and verifies the integrity and authenticity of transactions, which are then sorted by issuer and delivered to the appropriate processing center.

A SmartPay system terminal is a workplace where operations with payment card wallets are performed directly (debit: payment for goods/services and cash withdrawal; credit: replenishment of card wallets), and where information about wallet balances is provided and the PIN code can be changed.

A SmartPay cardholder is an individual who has concluded an agreement with an issuer of the SmartPay system to open a special card account. The SmartPay cardholder gets the right to be served at the terminal of any SmartPay system acquirer with which the issuer has concluded a card service agreement.
The membership of a SmartPay payment system is determined by the scale of the specific project. The higher the rank of the system (national, interregional), the wider the circle of its participants and, accordingly, their specialization. In local-scale projects (“salary” or club systems), individual SmartPay system participants either cease to make sense altogether or their functions and powers are reallocated (for example, the functions of the processing center, issuer and acquirer can be performed by the same organization).

SmartPay payment technology

Let’s look at how information is exchanged between participants of the SmartPay system.

For each issuer, the TPC generates secret and public (unclassified) keys for static card authentication. Immediately before issuing the card to the client, the issuer personalizes it: it determines the number of wallets on the card (in the SmartPay system, from 1 to 3 independent wallets can be placed on a PCOS card, and up to 7 wallets per SmartPay application on an MPCOS-EMV card), sets the currency and limits of each wallet (daily spending limit, free debit limit, etc.), and credits the wallets from the total amount of funds deposited by the client to the card account.

To use the contents of the card’s wallets, the holder presents the card at SmartPay terminals. Depending on the purpose of the terminal, the card can be used to pay for a purchase, obtain cash, top up the card’s wallets or perform bank account management operations. All operations debiting funds from wallets are performed at POS terminals, bank terminals or ATMs, usually offline. In addition, the acquirer has the right to require a mandatory online connection with the processing center for certain operations (for example, withdrawal of large amounts of cash or payment for expensive purchases). Crediting (replenishment) of wallets can take place either online, in a live connection with the issuer at a POS terminal, bank terminal or ATM, or offline at a bank terminal, ATM or offline crediting terminal. Any personal computer with Internet access and a PC/SC reader can serve as an Internet terminal of the SmartPay system, from which the cardholder can manage their bank account, make payments and top up the payment card online.

At the set time, the acquirer of the SmartPay system collects from its terminals the transactions generated during the day (or other reporting period), sorts them by issuer and transmits them to the processing center. Based on the results of the day’s work, the acquirer prepares data for settlements between participants of the SmartPay system.
The transaction processing center of the SmartPay system checks the correctness of each received transaction, makes the necessary changes to the database of “shadow” accounts, and records the transaction in the archive. After all transactions are processed, the TPC generates reports for the issuers’ banking systems and updates the “black lists” for the acquirers.

Functionality of the SmartPay system

The SmartPay non-cash payment system provides the following operations with the card:
card personalization;
debiting card wallets;
crediting card wallets online;
crediting card wallets on a statement and on request;
crediting card wallets for cash;
obtaining a statement of the funds available in card wallets;

modification of the payment application on the card (for MPCOS-EMV R5 cards): taking wallets into and out of use, modification of wallet personalization data (changing the wallet currency, maximum wallet balance, etc.);
extension of the payment application, i.e. a special mechanism for dynamically adding and subsequently using data that is not directly related to the payment operation but is needed to provide additional functions, such as utility payments.

Card personalization in the SmartPay system

In general, during the personalization process the holder’s identification data is recorded on the payment card and the number of wallets and their parameters (maximum balance, currency, limits) are determined. When receiving the card, its holder enters the PIN codes that restrict access to operations with the card’s wallets. The PIN codes are stored on the card and, if necessary, can be changed by the cardholder at any terminal or ATM in the system.

In addition, during personalization secret key information is written to the card, after which a special operation is performed to logically “burn” the card. As a result of this operation, the keys written to the card become available only to the card’s own operating system; they cannot be overwritten or read from the outside.
When an MPCOS-EMV card is personalized, a so-called “SmartPay application” is first created on the card. It is essentially a virtual card of a single issuer, for which the personalization process described above is performed. Several SmartPay applications belonging to different issuers can be created on a single MPCOS-EMV card, as well as applications that do not belong to the SmartPay system.

Debiting card wallets in the SmartPay system

A debit payment operation is performed at a merchant’s terminal (cash point or ATM). Debiting a card in the SmartPay system usually (unless the acquirer establishes otherwise) takes place offline, without a live connection to the acquirer or the processing center.
For a card wallet to be debited successfully, the following conditions must be met:

The terminal is pre-loaded with the issuer’s “black lists”, the acquirer’s commission tables and the currency conversion tables.
The cardholder has entered the correct wallet debit PIN code.
The terminal has identified the card as belonging to “its” payment system.
The terminal has not found the card in the “black list”.
If the card currency does not match the terminal currency, the card currency is present in the terminal’s currency conversion table.
The balance on the card is not less than the payment amount (including the issuer’s and acquirer’s commissions, as well as discounts provided by the issuer for various categories of customers).

If all these conditions are met, the payment amount is deducted from the debit wallet balance.
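As an added example (not the system’s own code), the following Python runs the offline debit checks listed above in order, applying the three commission rule types from the “Commission fee” section on the terminal side. All tables, card numbers, rates and PINs are constructed, money is held in integer minor units, and the issuer discounts are omitted.

```python
import hmac
from dataclasses import dataclass

# Constructed acquirer tables that the page says are pre-loaded into the terminal:
# the "black list", the currency conversion table and the commission table.
BLACKLIST = {"4000000000000002"}
CONVERSION = {("EUR", "USD"): 11_000}     # terminal units per card unit, scaled by 10**4
COMMISSION = {                            # the three rule types named under "Commission fee"
    "goods":   {"type": "percent_limited", "bp": 100, "min": 20, "max": 500},
    "cash":    {"type": "fixed", "amount": 150},
    "utility": {"type": "percent", "bp": 200},
}

@dataclass
class Wallet:
    card_number: str
    scheme: str        # payment system the card belongs to
    currency: str
    balance: int       # minor units of the wallet currency
    pin: str           # wallet debit PIN (held on the card in the real system)

def commission(payment_type: str, amount: int) -> int:
    """Commission in terminal minor units; percentages are basis points (bp)."""
    rule = COMMISSION[payment_type]
    if rule["type"] == "fixed":
        return rule["amount"]
    fee = amount * rule["bp"] // 10_000
    if rule["type"] == "percent_limited":
        fee = min(max(fee, rule["min"]), rule["max"])
    return fee

def debit(wallet: Wallet, amount: int, pin: str, payment_type: str,
          terminal_scheme: str = "SMARTPAY", terminal_currency: str = "USD"):
    """Run the offline checks in order; return (ok, reason, wallet balance after)."""
    if wallet.scheme != terminal_scheme:
        return False, "card not from this payment system", wallet.balance
    if wallet.card_number in BLACKLIST:
        return False, "card is in the black list", wallet.balance
    if not hmac.compare_digest(pin, wallet.pin):
        return False, "wrong wallet PIN", wallet.balance
    total = amount + commission(payment_type, amount)    # in terminal currency
    if wallet.currency != terminal_currency:
        rate = CONVERSION.get((wallet.currency, terminal_currency))
        if rate is None:
            return False, "card currency not in conversion table", wallet.balance
        total = -(-total * 10_000 // rate)                # to card currency, rounded up
    if wallet.balance < total:
        return False, "insufficient wallet balance", wallet.balance
    wallet.balance -= total
    return True, "debited", wallet.balance
```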

Online crediting of a card wallet in the SmartPay system

A credit payment operation in online mode (“online crediting”) can be performed at any terminal (ATM) of the system, provided there is a connection with the issuer. The security of the online crediting procedure rests on the fact that the wallet’s secret key is known only to the issuer and the card (it is written to the card during personalization). In general, online crediting proceeds according to the following scheme:
The cardholder enters on the terminal keyboard the number of the wallet they want to top up and the amount of the requested credit.
The terminal checks whether the specified wallet can be credited with the requested amount (i.e. whether the current balance plus the requested credit would exceed the maximum balance of the wallet).
The terminal generates and sends a credit request to the processing center, which includes the amount of the requested credit, information about the wallet being credited and encrypted data about the current crediting session.
The processing center checks the received request against the “black lists” and determines whether there are enough available funds in the cardholder’s shadow account. If the requested amount is available, the TPC prepares the data for crediting the wallet, encrypts it and sends it to the terminal.
After receiving the data for crediting the wallet, the terminal passes it to the card, and the card credits the wallet.
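An added Python model of this exchange (not the system’s own code), with the card, the terminal and the processing center as separate pieces of code. It assumes HMAC-SHA256 in place of the unspecified encryption, a wallet key derived per card from an issuer key in the spirit of the “unique keys for each card” mechanism described later, and a per-wallet session counter so that credit data cannot be applied twice; all keys, card ids and balances are constructed.

```python
import hashlib, hmac
from dataclasses import dataclass
ISSUER_KEY = b"constructed-issuer-series-key"   # lives only at the processing center in reality

def wallet_key(card_id: str, wallet_no: int) -> bytes:   # per-card key from issuer key + card data
    return hmac.new(ISSUER_KEY, f"{card_id}:{wallet_no}".encode(), hashlib.sha256).digest()

def mac(key: bytes, *fields) -> str:   # HMAC-SHA256 standing in for the page's unspecified encryption
    return hmac.new(key, "|".join(map(str, fields)).encode(), hashlib.sha256).hexdigest()

@dataclass
class CardWallet:
    card_id: str
    no: int
    balance: int        # minor currency units
    max_balance: int
    counter: int = 0    # crediting session counter: makes every credit response single-use

    def __post_init__(self):
        self.key = wallet_key(self.card_id, self.no)   # written at personalization

    def session(self) -> str:   # session data for the terminal: proves a live card opened it
        return mac(self.key, "session", self.card_id, self.no, self.counter)

    def apply_credit(self, amount: int, credit_data: str) -> bool:
        expected = mac(self.key, "credit", self.card_id, self.no, self.counter, amount)
        if not hmac.compare_digest(expected, credit_data):
            return False
        self.balance += amount
        self.counter += 1
        return True

class ProcessingCenter:
    def __init__(self, shadow: dict, blacklist: set):
        self.shadow = dict(shadow)        # card_id -> available funds on the shadow account
        self.blacklist = set(blacklist)

    def credit_request(self, card_id, wallet_no, counter, amount, session_data):
        if card_id in self.blacklist:
            return None, "card is in the black list"
        key = wallet_key(card_id, wallet_no)          # only the TPC can derive this key
        if not hmac.compare_digest(mac(key, "session", card_id, wallet_no, counter), session_data):
            return None, "invalid session data"
        if self.shadow.get(card_id, 0) < amount:
            return None, "insufficient funds on card account"
        self.shadow[card_id] -= amount
        return mac(key, "credit", card_id, wallet_no, counter, amount), "ok"

def terminal_credit(card: CardWallet, amount: int, tpc: ProcessingCenter):
    # Terminal side: max-balance check, request to the TPC, hand the credit data to the card
    if card.balance + amount > card.max_balance:
        return False, "would exceed maximum wallet balance"
    credit_data, status = tpc.credit_request(card.card_id, card.no, card.counter, amount, card.session())
    if credit_data is None:
        return False, status
    if not card.apply_credit(amount, credit_data):
        return False, "card rejected credit data"
    return True, "credited"
```

The terminal never sees the wallet key: it only relays the card’s session data and the TPC’s credit data, and a response captured from one session fails the card’s counter check in the next.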

Crediting of card wallets in the SmartPay system according to the statement and request

These types of crediting in the SmartPay system are used when a live connection between the crediting terminal and the issuer is impractical or cannot be provided. An example of crediting on a statement is the payment of salaries, which is ordered in advance and carried out when the money arrives on the cardholders’ card accounts. The TPC (issuer) sends the credit statement via the acquirer to all crediting points in the system.

The idea of crediting on a statement differs little from the online crediting described above. The difference is that, instead of requesting the credit data from the issuer, the terminal looks for this data in the credit statement received from the acquirer. Note that the system does not allow repeated crediting in cases where the card was topped up in another way (for example, online) after the credit statement was formed.
Crediting on request also involves pre-ordering and subsequently performing the credit operation at a specific card service point. For example, the cardholder can order a deposit to any card wallet over the phone, specifying the point at which they want the funds transferred to the card.

Crediting a card wallet for cash in the SmartPay system

Crediting for cash in the SmartPay system proceeds practically the same way as online crediting. The difference is that when crediting for cash, a live connection with the issuer is not required, since the data for crediting the card wallet is prepared not by the issuer but by the terminal where the crediting is performed (the bank terminal).

This means that the cash crediting terminal must store credit keys, which requires additional technological and organizational security measures; crediting for cash is therefore performed in the issuing bank’s branches by responsible employees.
One technological option for securing crediting for cash in the SmartPay system is to use a special card of the cash crediting operator together with special crediting algorithms. The use of technological measures does not remove the need for organizational and administrative measures of heightened security at cash crediting points.

Protecting the issuing Bank in the SmartPay system

To protect the issuing bank, the following security mechanisms are implemented:

Card fraud protection.
Separate delivery of a batch (lot) of cards and the lot card itself, which contains the personalization code for that batch. This procedure prevents unauthorized use of the cards by third parties.
Generation of unique keys for each card. This mechanism is based on an algorithm that derives the card keys from system-forming keys using a cryptographic checksum of unique card data. New system-forming keys are generated for each series (issue) of cards. This protects the system as a whole if the keys of a single card, or the system-forming keys of one series of cards, are compromised. With this approach the system has no single master key whose compromise would compromise the entire system.
Transaction protection.
To protect payment transactions from forgery, the system generates transaction signatures under keys that are not known at the debit point. These signatures are generated by the payment card itself, based on the issuer’s keys recorded on the card during personalization. A transaction carries several such signatures, which allows different system participants to independently verify its authenticity.
Protection of key information.
All keys in the SmartPay system are stored only in encrypted form. Keys appear in plain text only inside the encryption node and cannot be read out. Old keys can be replaced with keys of subsequent versions, and a large number of keys of different versions may coexist in the system.
Separation of operators’ powers.
The system differentiates operators’ access both to the information stored in the system and to the operations performed. All operations in the system are recorded in a special log that is available for analysis only to the system administrator.

Seller protection in the SmartPay system

The following security mechanisms are used to protect the seller:

Authorization of payment cards.
Each terminal performs authentication (“identification”) of the payment card when accepting it. This process is based on the terminal’s knowledge of the authentication key that the issuer passes to the merchant. The same key is recorded on the payment card.
Checking against “black lists”.
Before any payment operation, the card is always checked against the “black list”.
Separation of operators’ powers.
For each terminal, authority for operations at the terminal can be differentiated. For example, separate persons can be made responsible for making payments, for organizing the terminal’s communication with the acquirer, and for setting up the payment terminal, which further raises the security level of the system through the principle of separation of powers.
Blocking the terminal.
If the seller leaves the workplace, he can block the terminal during his absence so that it cannot be used by unauthorized persons. Note that a transaction always contains the number of the operator who performed the payment operation.