Engaging, Enabling and Evolving Commerce in Canada since 1989

March 2013 ACTion Newsletter

Welcome to the March edition of ACTion News. This complimentary service is provided by ACT Canada; "building an informed marketplace". Please feel free to forward this to your colleagues.

If you would prefer to receive this newsletter in plain text please email your request to andrea@actcda.com.


  1. Editorial - Are Smart Cards Getting Smarter? Will They Leapfrog Mobile?
  2. Cardware Connections Member Networking Date Announced
  3. Multos Announces Breakthrough Technology
  4. TELUS Selects Gemalto SIM to Enable Secure NFC Mobile Payments
  5. Payment Leaders: NFC and Digital Wallets are Overhyped, Asia Will Lead Innovation (While Europe Lags Behind) – Members Only Story
  6. Visa and Samsung Sign Global Alliance Agreement to Accelerate Mobile (NFC) Payments
  7. AIS and Oberthur Prep Bangkok Public Transport Mobile NFC Trial
  8. Ten Debit Networks Adopt Common U.S. Debit Aid
  9. RBS and Natwest Launch Mobile App – Members Only Story
  10. Ingenico and Timbec Partner in Canada to Expand Secure Indoor Self-Service Payment Acceptance
  11. G&D Ensures Security of O2 Wallet Payments In Germany
  12. IBM Teams Up with ING Direct Canada
  13. VeriFone and SK C&C Team on Mobile Wallet Acceptance
  14. PayPal Here Takes on Square Register with New iPad Payments App – Members Only Story
  15. Home Trust Teams Up with SelectCore
  16. Interac Debit Card Fraud Skimming Losses Plummet to Lowest Level on Record
  17. Kellogg Company and AIMIA Power Consumer Loyalty with the Kellogg's Family Rewards Program
  18. New App Makes It Easier for Consumers to Scan, Buy Items – Members Only Story
  19. AJB Launches New Smartphone Mobile Payment App for Hughes Petroleum Ltd
  20. INSIDE Secure Reinvents the NFC Tag
  21. Western Union Continues Mobile App Expansion – Members Only Story
  22. SecureKey Briidge.Net Platform Brings Trust to Mobile and Online Transactions
  23. CPI Continues Debit and Credit Card Manufacturing Services for Community Banks
  24. NFC Installed Base to Exceed 500m Devices Within 12 Months – Members Only Story
  25. WorldPay Acquires Card Payments Service Provider YESpay
  26. Midcounties Co-Operative Upgrades to Contactless and Point-To-Point Encryption with TNSpay
  27. UL Becomes a Fully Appointed Common Criteria Information Technology Security Evaluation Facility (Itsef), Under the UK Scheme Run By CESG
  28. Fime Opens U.S. Office
  29. Rogers Suretap Service Available for Android, Blackberry 10

ACT Canada Partner:


Visa Canada Inc.
Visa operates the world's largest retail electronic payments network and is one of the most recognized global financial services brands. Visa facilitates global commerce through the transfer of value and information among financial institutions, merchants, consumers, businesses and government entities.



CUPS Payment Services ~ member since 2012
Desjardins ~ member since 2012
Scotiabank ~ returning member


Consult Hyperion ~ new member
CPI Card Group ~ member since 1999
EnStream LP ~ new member
Fime ~ member since 2006
Moneris Solutions ~ member since 2011
NBS Technologies Inc. ~ member since 2008
Oberthur Technologies ~ member since 2005
R3D Consulting Inc. ~ member since 2011


Pierre Roberge, Mobile & Payment Innovation Consultant ~ new member
White Pages Consulting ~ new member



ACT Canada has launched a Job opportunities section on our web site. Please visit www.actcda.com to see the latest job postings in our industry.


There is a lot of movement in the market, so if you are looking for new employees, we are always aware of some great people. Please contact ACT Canada for more details – postings@actcda.com.



Cardware Connections
April 18, 2013
The Albany Club
Toronto, ON, Canada
Open to ACT Canada members only

ACT Canada EMV Roadshow will be at the following two events:

Card Forum
April 7, 2013
Boca Raton, FL, USA

Cartes America
April 23, 2013
Las Vegas, NV, USA

NFC Solutions Summit 2013
May 15-16, 2013
Presented by The Smart Card Alliance and the NFC Forum
Hyatt Regency San Francisco Airport
Burlingame, CA, USA

Cardware 2013: Payment Insights
June 18-19, 2013
Marriott Gateway on the Falls
Niagara Falls, ON, Canada
ACT Canada members receive discounts



Source: Catherine Johnston, President & CEO, ACT Canada (02/27)

Are smart cards getting smarter? Will they leapfrog mobile?

This was a question asked at the Canadian Wireless Telecommunications Association Conference in Toronto on March 20th. Are you shocked by the question? Whether you are or not, you'll likely be shocked by the answer. Secure chips, whether on plastic or phones will always get smarter – no shock there. Smart phones are here to stay and will be used increasingly for payment – no shock there. Now sit down because here comes the shock. Chip cards can now do what cell phones can do – allow the FI to issue new applications to their existing card clients, without having to reissue the card or require the cardholder to come into a branch, using OTA provisioning. This is the holy grail of multi-application cards. The inability to do this on cards was why smart phones were a logical move for payment apps. However, now Multos has demonstrated their ability to securely download apps to a consumer's card. Why is this important to a market that is moving toward mobile payment?

For one thing, we have an infrastructure already in play, where business cases, security, consumer and merchant acceptance are all part of the payment fabric. This may be the first time that the new legacy infrastructure (chip) becomes the disruptive technology. How will the market shapers leverage this development? Many will do it profitably.

Thursday April 18th, 2013

Increase revenues, decrease costs and manage risks – where does this fit between the payment worlds of EMV and mobile? ... And where is the intersection of technology and consumers?

As issuers are looking for new ways to attract and retain customers; technology, behavioural
science and direct engagement are all tools. The surprise may be that these tools leverage the existing 100 million + cards in the field and can support a true competitive edge for those who use them.

Join us as Michel Chalifoux, Vice President Business Development, Multos International Pte Ltd, Peter Day, President of Endo Networks Inc; and Kelly Peters MBA, FICB, Managing Partner & CEO, BEworks answer challenging questions on how to profitably leverage EMV investments.

Visit www.actcda.com/calendar for more information. Please note this is an ACT member-only event.

To register click here.

Source: MULTOS (03/27) 

Multos International has introduced its innovative mobile payment solution "MULTOS in Motion" based on a microSD solution. Card issuers will now be able to securely download applications to their customers' cards by leveraging the MULTOS OS distributed issuance and post-issuance capability. MULTOS in Motion allows mobile provisioning over standard wifi access, avoiding the need for TSM infrastructure.

Multos International is introducing MULTOS in Motion to Canadian issuers and is currently geared up for issuers interested in pilots. For more information refer to attached document and contact Gihane Mourad gmourad@multosinternational.com.


Source: Gemalto (03/07)

Gemalto announced that Canadian telecommunications carrier TELUS will use Gemalto's UpTeq NFC SIM cards to enable consumers to securely store a variety of credentials on their SIM for use with their mobile phones. This fully compliant Europay MasterCard Visa (EMV) technology will enable customers to make secure payments, participate in loyalty programs, validate their transit pass, and redeem coupons using the secure credentials stored on their SIM cards accessed by with TELUS smartphones equipped with tap-and-go Near-Field Communications (NFC) and LTE capabilities. NFC technology makes life easier and more convenient for consumers around the world by making it simpler to make transactions, exchange digital content, and connect electronic devices with a touch of their phone.

The UpTeq NFC SIM secures credit and other payment card credentials, offering the same security protection as chip payment. The embedded software on the UpTeq NFC SIM has achieved compliance assessment and security testing certification in accordance with AmEx, MasterCard and Visa's highest requirements. Besides the NFC-compatibility, the SIM also has built-in LTE capacities which are fully compatible with existing networks.

"Gemalto's UpTeq NFC SIM technologies comply with the most stringent global security requirements and they have a vast track-record in the successful roll-out of NFC projects across the world," said Drazen Lalovic, vice-president of Market Planning at TELUS. "TELUS will be bringing mobile payment technology to customers very soon and we have teamed up with Gemalto to offer a secure and seamless experience to enable the storage of payment and non-payment credentials on TELUS SIM cards."

"Having migrated to EMV chip years ago, the Canadian market is naturally well positioned to offer NFC enabled credential solutions within its well-developed contactless ecosystem which boasts one of the greatest contractless-ready retail point of sale penetration rates globally," said Sébastien Cano, senior vice-president of Telecommunications at Gemalto North America. "TELUS' 7.7 million wireless customers will be among the first to enjoy the convenience of NFC services such as collecting loyalty points, redeeming coupons and accessing promotional offers with a simple wave of their NFC-enabled phone."

American Express is a member of ACT Canada; Gemalto, MasterCard and Visa are members of ACT Canada and Cardware sponsors; please visit www.amex.ca; www.gemalto.com; www.mastercard.ca & www.visa.ca.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section


If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: Visa (02/25)

Visa and Samsung announced a global alliance that combines Visa's expertise in payments with Samsung's leadership in mobile device technology – an alliance that has the potential to significantly accelerate the availability of mobile payments globally.

According to the agreement, financial institutions that are planning to launch mobile payment programs will be able to use the Visa Mobile Provisioning Service1 to securely download payment account information to NFC-enabled Samsungdevices. In addition, Samsung has agreed to load the Visa payWave applet onto its mobile devices featuring NFC technology. Visa payWave is Visa's mobile payment applet that enables consumers to make "wave and pay" contactless payments using mobile devices.

"Samsung devices enabled with Visa payment functionality will no doubt be a powerful product offering – especially in markets where paying with a mobile device is becoming commonplace," said Jim McCarthy, global head of product, Visa Inc. "However, the key to making mobile payments broadly available all over the world is to offer financial institutions a secure way to provision millions of smartphones with payment account information – and that is exactly what Visa andSamsung are ready to deliver."

"Samsung has been a pioneer in NFC devices and is again leading the way in enabling NFC-based mobile payments. The partnership with Visa represents a step towards a global mobile payment platform," said Dr. Won-Pyo Hong, President and Head of Media Solution Center, Samsung Electronics. "We believe that we have a strong value proposition for financial institutions that will ultimately allow consumer choice in NFC payments."

Near Field Communication (NFC) technology is the global communication standard that enables mobile devices to securely communicate with a payment terminal. ABI Research forecasts that a total of 1.95 billion NFC-enabled devices will ship in 20172. The Visa Samsung global alliance is a first of its kind between a leading NFC handset manufacturer and payment network that is paving the way for the implementation of large scale mobile payment programs. The initial areas of engagement that the two companies have agreed to include:

- Global Strategic Alliance
Visa and Samsung have agreed to work together to enable the next generation of Samsung mobile devices with Visa payment technology, and to partner with financial institutions to accelerate the availability of mobile payment solutions globally.

- Samsung to Connect to Visa's Mobile Provisioning Service
In order to enable financial institutions to launch large scale mobile (NFC) payment programs, Samsung will offer banks the ability to load payment account information over-the-air to a secure chip embedded in Samsung devices, using Visa's Mobile Provisioning Service3 which is linked to Samsung KMS (Key Management System) – a service that creates secure data storage domains for issuers.

- Samsung Awarded Global Visa payWave License
The Visa payWave mobile applet will be preloaded onto selected next-generation Samsung mobile devices featuring NFC technology and an embedded secure element. Off the shelf, these devices are ready to be personalized with Visa payment account information – a simple step that consumers will be able to initiate using a mobile payment application provided by their financial institution.

Visa is a member of ACT Canada and a Cardware sponsor; please visit www.visa.ca.

Source: Finextra (03/05)

Thai telco Advanced Info Service (AIS) has selected an Oberthur Technologies SIM card for its upcoming mobile contactless payments trial on Bangkok's public transport network. The new Oberthur DragonFly NFC SIM card, with embedded Mifare DESFire technology, will enable customers to use their mobile phones as e-purses to pay for public transportation and goods in the Thai capital.

Pilot participants can also directly top-up credit on their SIM card and check both their balance and transaction history using their mobile phones.

Oberthur claims that its new NFC SIM card range boasts increased speed, security and convenience as well as best-in-class certifications and an integrated anti-virus.

Supreecha Limpikanjanakowit, MD at AIS subsidiary Advanced MPay, says: "The major decision for us to select Oberthur Technologies was dragonFly's speed because it is key for transport, in order to offer to our customers a best-in-class experience."

Oberthur is also working with telco Etisalat in the UAE to offer NFC-enabled transit ticketing on the Metro, ahead of the roll out of a full mobile wallet later in the year.

Oberthur Technologies is a member of ACT Canada and a Cardware exchange place expert; please visit www.oberthur.com.

Source: PRNewswire via COMTEX(03/19)

The Secure Remote Payment Council (SRPc) announced that the ten debit network members of its Chip and PIN Workgroup have agreed to adopt a common U.S. debit application identifier (AID) and work with Discover Financial Services to license the D-Payment Application Specification (D-PAS) as the foundation of the common U.S. debit chip payment solution. The Workgroup will also evaluate enhancing the specification's security by including the one-time card number technology developed by First Data / STAR specifically to mitigate impact from skimming and data breach frauds.

"We are honored to have been chosen by the SRPc Chip and PIN Workgroup and feel that the strength of Discover's D-PAS technology, coupled with our universal and choice-centric EMV approach, will enable the market to move forward," said Diane Offereins, President of Payment Services at Discover. "Discover has deployed D-PAS for the past four years and already has millions of cards in market among international issuers. We are confident it is the right path forward for U.S. debit networks." The Workgroup, working in conjunction with the EMV Migration Forum, defined the foundation requirements for the proposed U.S. debit solution. This decision will enable the industry to move forward with a known application and process, simplifying changes for all stakeholders. Supporting a common solution provides the following benefits to payment system participants for the next generation of debit card payment technology.

-- U.S. financial institutions - continue to enjoy a robust and competitive payment industry, and maintain the flexibility to choose the debit networks they support based on business criteria rather than technological boundaries.

-- The merchant and acquiring community - maintain their ability to route transactions as they choose, based on their own selection criteria.

-- Processors - be able to support their issuing and acquiring clients' plans to move to an enhanced payment type and increased security without the redundant development needed to support multiple chip and PIN solutions.

AFFN, ATH, CO-OP Financial Services, Jeanie, NETS, NYCE, Presto!, PULSE, SHAZAM and STAR invite all other debit networks to participate in a consortium, which will govern the common U.S. debit solution, and undertake steps to commercialize it. In addition, advisory membership for merchants, issuers, processors and providers will also be available.

This decision is the culmination of months of evaluation of several proposals - including the most recent AID proposals by MasterCard and Visa. Evaluation criteria included: maintaining routing choice and network portability; availability of all cardholder verification (CVM) options; inclusion of point-of-sale and ATM transactions; support of contact and contactless transactions; ability to make future enhancements to the solution; inclusion of both current and emerging debit channels; and governance parity.

The debit consortium's next steps will be to finalize its governance structure and identify commercialization steps for deploying the common U.S. debit solution.

Unless all debit networks ultimately participate in this solution, industry stakeholders may need to support a multi-application chip environment for debit in the U.S. The Workgroup invites all debit networks to join this new consortium to adopt a common U.S. debit AID, minimizing the number of applications needed. The Workgroup maintains that establishing a standard common U.S. debit AID is the best way to avoid unnecessary complexity while achieving higher payment security.

Discover is a member of ACT Canada; MasterCard and Visa are members of ACT Canada and Cardware sponsors; please visit www.discover.com; www.mastercard.ca & www.visa.ca.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section


If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: MarketWire (03/04)

Ingenico announces a strategic partnership with Timbec Inc., a Montreal-based interactive indoor kiosk solution provider, to jointly market Ingenico's new generation iSelf-Service Series payment solutions in the growing dynamic self-service unattended payment acceptance vertical in Canada.

Due to Timbec's manufacturing and software development expertise in the interactive kiosk space, Ingenico Canada selected Timbec to build and promote secure 'off-the-shelf' as well as custom unattended payment solutions to meet the demands for ticketing, hospitality, transportation, retail and vending. The interactive kiosk solution will offer Timbec's ergonomic and customizable kiosk design with Ingenico's secure iSelf-Service product range, including the iUP250 intelligent PIN-pad, iUR250 slave hybrid card reader, and iUC150 slave contactless reader. The series is built on Telium2 technology and designed to securely accept all forms of electronic payment - EMV cards, contactless, NFC-enabled mobile transactions, and magnetic stripe cards.

"Today self-service unattended payment acceptance represents a tremendous business opportunity in Canada," said Paul St.-Jean, President of Timbec Inc. "As a leader in indoor kiosk solutions, we are constantly seeking to add value to our clients, by integrating innovative technologies with our custom interactive kiosks. Ingenico's iSelf-Service Series represents a new generation of unattended payment products which boasts the most current certifications. This partnership is a 'win-win' and will benefit our consumers, by adding and expanding 'round-the-clock' convenience of secure electronic payment at various unattended self-service business locations."

With easy, intuitive operation, and advanced, modular component design, the iSelf-Service product range delivers maximum flexibility and functionality to any business looking to extend their operational hours and market. Designed to meet the dedicated requirements of all self-service unattended business stakeholders, from kiosk manufacturers, integrators and operators to owners and consumers, iSelf-Service products are easy to integrate, secure, manage, and use.

"With the introduction of Ingenico's iSelf-Service products and payment solutions to Canada, we are very excited to further extend its reach by leveraging Timbec's expertise and flexibility in indoor custom kiosk designs," said Suzan Denoncourt, Vice President of Market Development, Ingenico Canada. "Unattended payment in indoor settings is evolving well beyond traditional implementations. This partnership will see us drive innovative solutions aimed at improving the customer experience and generating new revenue streams for merchants."

The joint Timbec-Ingenico iSelf-Service Unattended kiosk solution is already available for marketing and piloting in Canada.

Ingenico is a member of ACT Canada and a Cardware exchange place expert; please visit www.ingenico.com

Source: Giesecke & Devrient (03/26)

Giesecke & Devrient (G&D) will ensure the security of applications in Telefónica Germany's electronic wallet, the O2 Wallet. In February the telecommunications company became the first network operator in Germany to launch a wallet service. As part of a Friendly User Test, O2 customers are able to use their NFC-enabled smartphones with the related NFC SIM card to make contactless payments in all participating shops around the world. In future, the O2 Wallet will be expanded to include further applications such as coupons and loyalty programs. For the wallet service's pilot phase, G&D is providing the NFC SIM cards and the TSM (Trusted Service Manager) service.

With the O2 Wallet, customers can use their cell phone to make contactless payments in any shop that displays the MasterCard PayPass logo. G&D is providing the O2 Wallet's Trusted Service Manager service, which forms the basis for secure payments. Users' personal payment-card details are transferred to a specially protected area on the NFC SIM card. The Trusted Service Manager also provides additional lifecycle management services such as locking and unlocking the payment applications, for example in the event the NFC-enabled smartphone is lost.

Today, payments made with mobile devices are as secure as those made with chip-based bank cards. G&D's certified software and hardware elements, including its Trusted Service Manager services, fulfill the highest security requirements of payment providers such as MasterCard or Visa for payment transaction applications.

Telefónica S.A. and Giesecke & Devrient reached an agreement at the end of 2011 to establish a Europe-wide platform for NFC services. This agreement also covers provision of the necessary TSM technology.

Giesecke & Devrient, MasterCard and Visa are members of ACT Canada and Cardware sponsors; please visit www.gi-de.com; www.mastercard.ca & www.visa.ca.

Source: The Paypers (03/21)

ING Bank of Canada, a wholly owned subsidiary of Scotiabank and operating under the trade name of ING DIRECT, has entered an agreement with IBM to deliver financial services that enhance its customer experience including simplified account access across mobile devices and social media channels, voice recognition and advanced security.

Based on IBM software and services, these solutions support ING DIRECT's Orange Snapshot initiative, designed to provide its clients greater control to manage their accounts within their mobile and social lifestyle. Orange Snapshot gives mobile consumers a complete view of all their accounts, as well as bill payment and email money transfers, allowing them to sign on from their mobile devices.

Working with IBM, the bank's mobile solutions allow clients to access their ING DIRECT account information from within Facebook's social networking site. Clients who opt-in to this app are able to view their account balances, history and pending transactions as well as receive account notifications - real time messages automatically pushed to them within Facebook. ING DIRECT plans to expand this application further to include transactions such as transfers, bill payments and email money transfers.

The bank has also experimented with new voice recognition functionalities on their mobile apps that will allow clients to conduct simple banking transactions by speaking rather than typing or the application can read account information to the customer. ING DIRECT has also explored the use of biometrics within their mobile apps for purposes such as client login to enhance the client experience while maintaining the standards of security.

Scotiabank is a member of ACT Canada; please visit www.scotiabank.ca.

Source: VeriFone (02/27)

VeriFone Systems, Inc. and SK C&C, the Korea-based global IT services company, announced today they are partnering on deployment of open interface standards and technology platforms for management of digital wallet services, acceptance solutions and mobile commerce. The two companies are currently in deployment activity with several large mobile network operators (MNOs).

SKC&C has adopted VeriFone's OpenAPI common interface standards that govern communication between a mobile wallet and a merchant's acceptance device. The OpenAPI standards ensure that value-added wallet data such as offers, coupons and loyalty, are universally accepted and flow seamlessly through merchant systems without disruption of traditional transactions.

"MNOs are eager to deploy an end-to-end wallet solution, but need standardized interfaces and technology platforms to manage the complexity of advanced value-added mobile wallet applications for both consumers and merchants," said Paul Rasori, senior vice president of Marketing for VeriFone. "VeriFone payment solutions and services are widely adopted globally and, combined with our PAYmedia Mobile Marketing Platform, provide a management solution for SK C&C's wallet infrastructure."

The current deployment projects involve a peer-mode interface to enable an active dialogue between a mobile wallet and the merchant's payment acceptance device. Seamless integration of SK C&C's wallet solution with VeriFone technology platforms provides MNOs the ability to more rapidly deploy advanced mobile wallet services. MNOs are able to implement a variety of payment and non-payment transactions through the interaction of consumer mobile devices and merchant acceptance systems.

"With our mobile technology expertise, SK C&C has delivered innovative mobile commerce solutions to leading global MNOs, merchants, and platform companies.

Our partnership with VeriFone will enable MNOs to rapidly and easily deploy their mobile commerce services in the market," said Kim Min Seok, vice president of SK C&C's mCommerce division.

VeriFone's PAYmedia Mobile Marketing Platform connects the independent ecosystems of issuance and acceptance into one fully integrated environment. This makes it possible to deliver coupons, promotions and loyalty offers to consumer mobile devices based on geo-targeting, purchase history and demographic data, allowing consumers to receive and redeem promotional and loyalty offers and discounts on their mobile devices at the point of sale.

VeriFone is a member of ACT Canada and a Cardware exchange place expert; please visit www.verifone.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section


If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: Home Trust (03/04)

Home Trust announced that it has teamed up with SelectCore Ltd. to offer corporate and public sector prepaid card and payment solutions through Visa Canada and MasterCard Canada.

The Canadian payments market is anticipating explosive growth as Canada shifts into the digital age and moves away from paper cheques and cash forms of payment. This new venture will enable SelectCore and Home Trust to harness this growth and capture marketshare.

Prepaid Visa and MasterCard cards will be a key driver in the evolution of cheque replacement - driving significant cost savings for government agencies, corporations and consumers alike. The Canadian Task Force for the Payments System Review has set forth recommendations to reduce the use of cheques by 80 percent. SelectCore and Home Trust are well positioned to address this market demand by leveraging our combined synergies of technology, infrastructure, capabilities and expertise.

The Canadian prepaid market is expected to grow to an estimated $19.2B in the next five years alone, with an addressable market surpassing $125B. Our focus will be on targeting emerging segments of the market that are expected to drive the majority of this anticipated growth, including government benefits, healthcare, payroll, travel and incentives.

"We are excited by the opportunity to enter this rapidly growing payments space" said Gerald M. Soloway, Chief Executive Officer, Home Trust. "By expanding our portfolio to include prepaid card solutions, we are further diversifying our business. We look forward to building and developing our relationship with SelectCore".

"As the incumbent provider of government disbursement solutions and a pioneer in the prepaid industry, our agreement with Home Trust reconfirms our leadership position in the Canadian marketplace" commented Keith McKenzie, President of SelectCore. "We are delighted to be working with one of Canada's leading alternative financial services companies".

Home Trust is a member of ACT Canada; MasterCard Canada and Visa are members of ACT Canada and Cardware sponsors; please visit www.hometrust.ca; www.mastercard.ca & www.visa.ca.

Source: Interac (03/05)

Interac Association reported that Interac debit card fraud losses, as a result of skimming, are the lowest on record since 2003 – decreasing to $38.5 million in 2012 from a high of $142 million in 2009. This represents 0.012 per cent of domestic Interac debit card volume and the lowest volume of fraud losses since data were recorded in 2003. Further, the number of cardholders reimbursed fell to 93,800 in 2012 from 238,000 in 2009. Cardholders are protected from losses under the Interac Zero Liability Policy*.

"Our multi-layer strategy to fight debit card fraud is producing significant results and continues to reinforce strong confidence in the safety, soundness and security of the world-class Interac system," said Caroline Hubberstey, Head, External Affairs for Interac Association and Acxsys Corporation. "The ongoing conversion to chip technology is a vital tactic in our fraud prevention strategy, which is supported by other core elements that are critical to our continued success. These include valuable partnerships with law enforcement, financial institutions, acquirers, merchants and educational outreach to consumers."

While there are different security methods that can be used to secure cards enabled with contactless technology and the associated transactions, Interac Flash only leverages secure chip processing, instead of magnetic stripe data type processing. This protects Interac Flash against skimming, counterfeiting, and transaction replay types of fraud, including electronic pick-pocketing where readers are used to capture information.

"As an enhancement of Interac Debit, Interac Flash leverages the security behind Interac chip debit cards," said Hubberstey. "This results in comprehensive cardholder protections preventing criminals from capturing data on contactless cards through electronic pick-pocketing or other means."

At the end of January 2013, virtually all active Interac debit cards (99 per cent) and ABMs (99.6 per cent) had been converted to chip. Nearly 90 per cent of point-of-sale terminals (POS) had been converted. All POS terminals are to be converted by the end of 2015.

Interac Association is a member of ACT Canada and a Cardware sponsor; please visit www.interac.ca.

Source: Aimia (03/26)

Loyalty programs are essential tools in the savvy marketer's arsenal for building brand trust and affinity with customers. The importance of having a strong loyalty program was on display as Kellogg presented recently at Loyalty Expo in Orlando about the Kellogg's Family Rewards consumer-loyalty program. Launched in June 2012, the program has not only strengthened the relationship between families and all of the company's brands, but is producing useful data that brings new intelligence and insights to Kellogg on consumer buying behavior.

This targeted approach has paid off. The Kellogg's Family Rewards program membership is growing rapidly and now covers a majority of Kellogg products including cereals, frozen foods and snacks. The Kellogg's Family Rewards program has been such a significant asset for the company that national promotions, retail-specific offers, and brand promotions are now being run through the program. The program has brought greater efficiency and greater flexibility to marketing budgets since multiple products share an umbrella loyalty program, but still retain their individual appeal.

"When developing this program, we recognized the need to have a platform that would integrate multiple products across Kellogg's brands and extend across all brand promotions," said Dan Keller, Vice President - CRM and Loyalty at Kellogg Company. "We partnered with Aimia to develop the program, and in addition to driving loyalty, we've also been able to make data-driven marketing decisions which is critical in this competitive market."

Aimia's development of the platform for the Kellogg's Family Rewards program was guided by the intelligence and insights that are possible through the intersection of technology and marketing. Aimia's proprietary platform assigns a value to each code based on product, size and item cost, but also factors in a bonus point structure and national promotion overlays. The data that is generated when the consumer enters codes is analyzed to more effectively target promotions and offers to specific members. Aimia also provides data-driven catalogue technology for the program, which includes exclusive reward previews and member-specific reward items. As a result, Kellogg expects to see increased engagement with consumers and increased loyalty to products and its brands.

"Kellogg appreciated the importance of understanding their customers and what motivates them," said Jay Lee, Chief Strategy Officer, US Region, Aimia. "Leveraging insights from consumer data allows companies to get the right offer to the right customers via the right channels, fostering a strong, two-way consumer loyalty relationship while building a sustainable competitive advantage for the company."

AIMIA is a member of ACT Canada and a Cardware exchange place expert; please visit www.aimia.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section


If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: AJB Software (03/14)

AJB Software Design was on site in Edmonton, AB, March 12, 2013 to launch Hughes Mobile Pay at their flagship 721 Parsons Road location. AJB and Hughes representatives hosted local media and took them through the customer experience with the application that is already available on both iOS and Android devices, free to the consumer.

The application highlights that it allows the customer to pay for their gas and car wash purchases from the convenience of their car, avoiding the chilly Edmonton temperatures, while offering additional features like digital receipt tracking with the use of the app.

AJB Software is a member of ACT Canada; please visit www.ajbsoftware.com.

Source: INSIDE Secure (03/14)

INSIDE Secure introduced an innovative near field communication (NFC) tag that creates virtually limitless possibilities for interactions between NFC mobile devices like smartphones and a broad range of medical, communications, entertainment and other electronic devices. In addition to a conventional NFC contactless interface, the new INSIDE dual-interface NFC Forum Type 4 Tag also provides a unique one-wire interface that allows the tag to provide a low-cost wireless communications bridge between two devices, opening the door to an array of exciting new NFC applications.

"With the addition of the one-wire interface to our NFC type4 tags we transformed basic storage devices into a versatile communication channel that can be a very cost effective alternative to Bluetooth or other connectivity technologies." said Christian Fleutelot, executive vice president, digital security at INSIDE Secure.

With the new tags, for example, a single tap of an NFC phone to a Bluetooth wireless headset containing one of these tags can initiate the pairing operation. The tag detects the NFC field on the contactless interface, and sends a pulse over the one-wire interface to the controller inside the headset to start the pairing process.

This same kind of field sensing could be used to quickly and automatically establish Wi-Fi connectivity for the first time between an NFC device, such as a tablet, and a new wireless access point, or to start transferring data, through the tag, between the NFC and host devices.

The INSIDE dual-interface NFC Type 4 Tag is offered in two memory configurations. The VaultIC 151D offers a 1.5-Kbyte file system size, while the VaultIC 161D has a 16-Kbyte file system size, the largest in the industry. Each tag integrates a standard contactless interface with full ISO14443 Type B protocol support for communicating with NFC devices and an INSIDE Secure proprietary one-wire interface for connection to a host processor (using just one GPIO). Accessing the data contained within the file systems from either interface is performed using the standard NFC Forum command set.

The large 16-Kbyte storage capability of an embedded VaultIC 161D NFC tag makes it ideal for use in home medical monitoring devices, where it is able to store a days worth of medical data from the device's host processor through the one-wire interface. At the end of the day, a simple tap on the device with an NFC smartphone can transfer all of the information stored in the tag through the NFC interface into the phone, which can then transmit it to the medical center.

These VaultIC dual-interface tags are actually high-security modules designed to be used as NFC tags, and feature several hardware security protection/detection mechanisms to prevent tampering and a variety of external attacks, including dedicated hardware for protection against SPA/DPA/SEMA/DEMA attacks, advanced protection against physical attacks, environmental protection systems and secure memory management/access protection. In addition to standard NFC Forum Type 4 Tag operations, the dual-interface VaultIC tags can also authenticate the NDEF content stored in the tags, which can be digitally signed using on-chip asymmetric cryptography.

INSIDE Secure is a member of ACT Canada and a Cardware exchange place expert; please visit www.insidesecure.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section


If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: SecureKey (03/26)

SecureKey Technologies Inc. announced the commercial availability of its cloud-based briidge.net identity and authentication platform – a groundbreaking solution that enables people to use devices and credentials they already have to perform strong two factor authentication, bringing trust to mobile and online transactions. The briidge.net suite of extended enterprise federated authentication services is easy for people to use and reduces the number of user IDs and passwords they manage, without sacrificing security and privacy.

"Our briidge.net platform solves the trust problem of federated identification by offering a painless way to perform strong, two-factor authentication when connecting to online or mobile services without having to carry any additional tokens or cards," said Andre Boysen, executive vice president of sales and marketing at SecureKey. "It also solves significant cost and resource issues faced by online services due to high incidents of forgotten passwords. briidge.net services allow users to authenticate themselves using their own third-party credentials with a high degree of assurance and enhanced privacy, and offer the level of reliability and security organizations demand."

Organizations can choose between two briidge.net service offerings, depending on how frequently their users connect, and whether or not they want to support the use of third-party credentials: briidge.net Enterprise service – designed for financial institutions, government, healthcare providers, mobile network operators and other extended enterprises seeking to improve the security of their existing credentials with multi-factor authentication for accessing their online and mobile applications. It supports enterprise Bring Your Own Device (BYOD) initiatives and allows users to turn consumer devices such as smartphones, tablets, laptops, and others into strong "what you have" factors for authentication. It also enables devices to act as secure readers of in-wallet credentials like contactless payment cards, identity cards or dynamic QR codes. briidge.net Enterprise customers also can enable their credentials to be accepted by others through the briidge.net Exchange service to help those organizations better cope with infrequently-used credentials.

briidge.net Exchange service – based on a three-party model of users, credential providers, and credential subscribers, the briidge.net Exchange service allows authentication and identity information to be exchanged between credential providers and subscribers, while maintaining user privacy and control.

It enables organizations to accept credentials from a trusted third-party issuer such as a bank, government, mobile operator, or social media site. The Exchange service allows users to bring their own credentials (BYOC) from third-party providers and is ideal for infrequently-used services, such as government, utilities and telecom self-service, where password reset and account re-registrations lead to user frustration and high support costs. The briidge.net Exchange service reduces credential management expenses, increases service adoption, and easily integrates into online or mobile applications with minimal administrative overhead. The briidge.net Exchange service is an extension of SecureKey Concierge, a service that allows Canadians to use their bank authentication credentials to securely access online services from the Government of Canada.

"Establishing trust in the identity ecosystem is an essential ingredient for success, and companies like SecureKey are providing innovative solutions to address this need," said Don Thibeau, OIX chairman and president. "We applaud SecureKey for their efforts in delivering strong authentication and security services to enterprise companies and their mobile employees."

The critical device-based security offered by the briidge.net platform is made possible by briidge.net DNA security software, which transforms personal devices into strong, two-factor authentication tokens.

briidge.net DNA software already is embedded in third-generation Intel Ultrabook computers enabled with Intel Identity Protection Technology (IPT). It is available for Windows, Mac OS, iOS, Android and Blackberry platforms, and can be embedded by developers into their apps using a software developer kit (SDK). It can also be delivered over-the-air by a trusted service manager into SIMs or embedded secure elements for hardware-based security. briidge.net DNA can securely read Visa, MasterCard, Discover, Amex, Interac, PIV, ICAO and other contactless card formats.

The briidge.net platform provides a high level of trust for a wide variety of identity and authentication applications. Unlike one-time password (OTP) solutions that require users to type codes in to browsers and are subject to intercept attacks, briidge.net uses dynamic cryptograms to improve the user experience and security of application systems. This provides strong protection from operating system malware or man-in-the-middle, server-in-the-middle and other impersonation attacks.

SecureKey, Amex, Discover, Interac, MasterCard & Visa are members of ACT Canada; MasterCard and Visa are Cardware sponsors; please visit www.securekey.com; www.amex.ca; www.discover.com; www.interac.ca; www.mastercard.ca & www.visa.ca.

Source: CPI Card Group (03/14)

CPI Card Group announced that the company has received an extended Preferred Service Provider (PSP) agreement from The Independent Community Bankers of America (ICBA). As part of the agreement, ICBA-member community banks will continue to receive exclusive pricing for CPI's credit and debit card manufacturing services.

"We look forward to continuing our services for community banks in offering high quality products and services to their customers," said Steve Montross, president and CEO of CPI Card Group. "As the U.S. market migrates to the use of smart cards, we are ready to provide ICBA members with any additional assistance that they may need in order to ensure a smooth transition."

"ICBA is pleased to continue its relationship with CPI Card Group, which shares our goal of giving community banks the best tools possible so they can continue to be competitive in this space, all while ensuring that their customers receive secure debit and credit services," said Dan Clancy, executive vice president of services at ICBA.

CPI Card Group is a member of ACT Canada; please visit www.cpicardgroup.com.


Available in the ACT Canada Members Only section of our web site. Click on the link below to access this section


If you are a member of ACT Canada but do not have your login details please contact info@actcda.com.

Source: YESpay (03/06)

WorldPay announced the acquisition of YESpay International Ltd. Leveraging YESpay's technology, WorldPay will offer its UK clients a complete payment service, including merchant acquiring, card processing and payment terminals integrated with point of sale systems. The combined service will allow WorldPay and YESpay customers to fully exploit the evolving needs of omni-­‐channel shoppers with a single payment service operating in-­‐store, online and on mobile.

The acquisition, made for an undisclosed amount, is in response to growing demand from WorldPay's clients for truly integrated payment services to support the evolving needs of the omni-­‐channel shopper. It also enables YESpay to significantly increase the deployment of its solutions to WorldPay's customer base.

On completion, WorldPay will acquire YESpay's businesses and assets including payment platforms and technologies, its 150 employees, based in the UK, Canada and India and over 3,000 customer relationships.

Commenting on the deal, Chandra Patni, co-­‐ founder of YESpay, said: "The YESpay team look forward to significantly increasing the deployment of its multi-­‐channel integrated payments services within WorldPay's unparalleled customer base."

Ron Kalifa, CEO, WorldPay said, "We continue to invest in growing and maintaining WorldPay's market leading positions as we strive towards our goal of becoming the world's leading independent payment processing company. The YESpay acquisition is an exciting strategic opportunity for WorldPay and one that enhances our ability to help our client base transform their in-­‐store processes to meet the ever evolving needs of their customers."

YESpay International is a member of ACT Canada and a Cardware exchange place expert; please visit www.yes-pay.com.

Source: TNS (03/12)

The UK's largest independent Co-operative, The Midcounties Co-operative, is upgrading its payment systems with faster processing, enhanced security and new contactless functionality from Transaction Network Services (TNS).

Midcounties Co-operative, which has 253 stores throughout central England and beyond, will use the TNSPay solution as part of a point of sale upgrade it is undertaking with retail integrator InControl. TNSPay will enable Midcounties Co-operative to accept contactless payments of up to £20 in value, alongside EMV Chip and PIN transactions, processed by the PA-DSS validated TNSPay Payment Client. Support for contactless payments is integrated into the PIN Entry Device (PED), eliminating the need to have a separate contactless reader, saving valuable counter-space and reducing cabling complexity.

Andy Cresswell, Deputy CEO - Trading at Midcounties Co-operative, said: "When considering the upgrade to our ePOS estate, it was vital that we worked with a provider that could reduce our PCI compliance efforts, while enhancing our systems with new technologies. Contactless payments will allow customers to pass through our checkouts more quickly and easily, while the point-to-point encryption functionality should go a substantial way to reducing both the cost and complexity of our PCI compliance requirements."

Fintan Byrne, TNS' SVP and General Manager of UK and Ireland, said: "We're delighted that Midcounties Co-operative has chosen TNSPay and become an early adopter of relatively new technologies such as point-to-point encryption and contactless payments. The benefits TNSPay provides will enable Midcounties Co-operative to maintain a competitive edge in the industry."

TNSPay is a multi-channel payment gateway solution, which supports all major EMV cards and transaction types. It delivers fast and reliable transaction processing and is pre-accredited with leading UK and Irish banks.

Simplifying reconciliation and reporting, users can receive real-time management information with all transaction data available via the web for viewing or download. In addition, TNSPay Estate Manager allows merchants to remotely administer and manage their PIN-entry device (PED) estates, simplifying configuration and providing the ability to remotely upgrade PEDs, removing the need for costly site visits to update hardware in stores.

Transaction Network Services is a member of ACT Canada; please visit www.tnsi.com.

Source: UL (03/05)

UL is pleased to announce that their UK-based laboratory has successfully completed the process to achieve Common Criteria accreditation to ISO/IEC 17025 by the UK Accreditation Service (UKAS) and full ITSEF appointment under the UK IT Security Evaluation and Certification Scheme operated by CESG.

This accreditation and appointment means that UL can now undertake security evaluation to the highest level of vulnerability analysis (AVA_VAN.5). This helps their customers globally with security evaluation of their products to assess whether they meet state-of-the-art security assurance levels as per their claims.

Common Criteria (CC) is an international standard for IT security evaluation and certification. It provides assurance that manufacturers' claims over the security features of their products are valid and have been independently tested against recognized criteria. Independent testing laboratories, known as Information Technology Security Evaluation Facilities (ITSEFs), carry out CC evaluation. CC certification by CESG's Certification Body is internationally recognized through the worldwide CC Recognition Arrangement (CCRA) and the European SOG-IS Mutual Recognition Agreement (MRA).

Stephen Kirk, a UL Vice President, commented: "Becoming an accredited and fully appointed ITSEF is a critical milestone for UL. This new accreditation and full appointment enables UL to offer a fully comprehensive portfolio of advisory and security evaluation services to smartcard and smartcard-related device industry stakeholders."

Richard Manning, Head of CESG's Certification Body, added: "We are pleased to welcome UL as an accredited and fully appointed ITSEF to undertake CC evaluations for customers. This UKAS accreditation and CESG full appointment supports CESG's objective to continue to provide confidence in the security of evaluated IT products."

Card and terminal manufacturers can rely on UL´s extensive offering with regards to their security evaluation requirements, as well as functional testing and advisory services to address their global market access needs.

UL's transaction security services were formed after the acquisition of RFI Smart (part of RFI Global Services Ltd) in 2010 and Collis and Witham Laboratories in 2012. On the 1st of November 2012, the three companies rebranded to UL and became one. Under the UL umbrella they offer extensive advisory services, training, test and certification services, security evaluation services and test tools to the payment, mobile, e-ticketing and ID management domains worldwide.

UL is a member of ACT Canada and a Cardware exchange place expert; please visit www.ul-ts.com.

Source: Business Wire (03/04)

FIME America has expanded its regional network with the opening of an office in San Francisco, California. As the United States (U.S.) EMV migration deadline gets closer and the deployment of secure mobile services gathers momentum, the new location will provide U.S. payments and near-field-communication (NFC) stakeholders with local access to FIME's global secure-chip testing and certification expertise.

FIME, an advanced consulting and test services provider for end-to-end secure transactions, has launched a San Francisco operation to be in close proximity to its ever-growing customers based in the region. The team will offer consultancy services to assist market participants in developing sustainable secure chip technology implementations, as well as guide parties through the testing and product certification stages. The office will initially offer EMV contactless testing services so that regional stakeholders can confirm that their NFC products perform as intended in the marketplace and have optimal interoperability.

"It is an exciting time for the U.S. payments market as it implements a secure chip infrastructure," says Xavier Giandominici, Director at FIME America and responsible for the launch of the new office. "This not only sees the country migrate to the global EMV payment standard, but also benefit from the endless opportunities this framework presents in terms of NFC technology functionality and the delivery of secure mobile services. To ensure optimum return on investment U.S. payments, NFC and mobile communities should acknowledge future requirements now so that they can implement long-term strategies that are flexible to changing market needs."

FIME America has already played a role in the Canadian EMV migration and is currently supporting the certification requirements of the country's mobile services ecosystem. In August 2012, FIME announced that its Montréal laboratory was the first facility to be authorized by Isis to certify Isis products, including mobile handsets and secure elements. FIME America teams are also playing a major role in supporting Latin America's continuous effort towards full EMV migration, with its engineers supporting ATM networks in their effort to meet the liability shift mandate.

Pascal Le Ray, General Manager at FIME, adds: "FIME has over 15 years' experience supporting stakeholders that have implemented EMV — and increasingly NFC — solutions globally. In addition to our knowledge on the standards that are mandatory, we also have expertise on the specifications that will support the next generation of payments and the delivery of value-added services. Understanding this landscape during the product development stages significantly reduces product time to market and provides the capability to quickly adapt to future functional and regulatory updates. We believe the U.S. market will advance quickly and FIME's industry insights offer real advantages to our customers."

FIME has a global presence across America, Asia, Europe, Middle East and Africa, and India, through its team of over 200 experts and consultants. The advanced testing provider partners with leading schemes and industry bodies to provide certifications and enhance the secure chip ecosystem.

FIME is a member of ACT Canada and a Cardware exchange place expert; please visit www.fime.com.

Source: telecompaper.com (03/20)

Canadian communications and media company, Rogers Communications has announced the certification of its suretap service for the Android and BlackBerry 10 operating systems. The certification allows issuers including banks, loyalty and reward programmes to develop mobile payment services for Android and BlackBerry 10 devices that leverage the secure SIM card in an NFC-enabled device. Rogers suretap service enables smartphones to securely perform payments on mobile devices and is accepted at MasterCard PayPass and Visa payWave contactless terminals across Canada. Suretap ready devices now certified as ready to support new mobile payment applications that accept MasterCard and Visa credit cards include: BlackBerry Bold 9900, BlackBerry Curve 9360, BlackBerry Bold 9790 and BlackBerry Z10 models, LG Optimus G and Samsung Galaxy S III and Note II models.

MasterCard and Visa are members of ACT Canada and Cardware sponsors; please visit www.mastercard.ca & www.visa.ca.

Entering our 25th year, ACT Canada has been the internationally recognized authority in the market. As the eyes, ears and voice for stakeholders focused on secure payment, mobile, NFC, loyalty, secure identity, and leveraging EMV, we promote knowledge transfer, thought leadership and networking. We help members protect their interests, advance their causes, build their business and grow the market. We take a neutral and non-partisan approach to all issues, facilitating collaboration among issuers, brands, acquirers, merchants, regulators, solution providers, governments and other stakeholders. Over 50% of our members have been with us for more than 5 years, enjoying ongoing value from their affiliation with ACT Canada. Please visit http://www.actcda.com or contact our office at 1 905 426-6360 x122.

Please forward any comments, suggestions, questions or articles to andrea@actcda.com. Please note that articles contained in this newsletter have been edited for length, and are for information purposes only. If you would like to be removed from our newsletter distribution list please follow the unsubscribe instructions at the bottom of the email.


Andrea McMullen
Vice President, Operations
ACT Canada
tel: 905 426-6360 ext. 124
fax: 905 619-3275
email: andrea@actcda.com
web: www.actcda.com
mail: 85 Mullen Drive, Ajax, ON, L1T 2B3

For more information, please contact Andrea McMullen at 1 905 426-6360 ext 124 or email andrea.mcmullen@actcda.com.

Please forward any comments, suggestions, questions or articles to andrea.mcmullen@actcda.com. Please note that articles contained in this newsletter have been edited for length, and are for information purposes only.