By maintaining the specifications of the banking card applications, EMVCo has a huge effect on banking card business. Visa and MasterCard developed their own implementations (VSDC and M/Chip respectively) based on EMV specifications. They are almost identical, they have a few configuration changes. Contactless applications payWave and PayPass are also based on EMV specifications, however they were developed before EMVCo released a contactless specification.
It seems EMVCo is ahead of Visa and MasterCard this time, they released requirements for contactless payments by handsets. There are already implementations of Visa and MasterCard’s applications on handsets, but all of them have been dropped before launch -after pilot phase.
Basically, a mobile application is a user interface for accessing the EMV compliant payment application running on the secure element of the handset. Secure element can reside on the NFC controller of the handset or on the SIM card.
What EMVCo requires for these applications are;
- Application should have a soft/hard key for easy access. If it’s a soft key, it must be accessible from the main/home screen.
- Application should inform the handset/card holder when a contactless transaction is in place.
- Application should be secured by a password and it should be configurable to enable/disable the application.
- There should be an indication of contactless capability, just like the bluetooth icon.
- Handset shall provide a mechanism to notify the application when it is powered off.
It is a good effort to draw the boundaries of the environment and will lead the players in the industry to have a single user experience. It seems we will see more mobile payment applications on the market -hopefully in the commercial level rather than pilots.
Original document can be found here.