- By Abdullah Al-Shamim
Issuance of the very first bank card in Bangladesh dates to more than two decades ago. It was a magnetic stripe card. Despite its characteristic of having comparatively lower security, the magnetic stripe cards prevailed for a significant period. Then came chip cards along the path of evolution of bank cards.With a higher degree of security by incorporating cryptographic mechanisms and storage of sensitive data inside the embedded integrated circuit (IC) module, chip cards are currently considered the safest medium of card payment in the industry, to fight and prevent the card fraud, especially for the card-present environment.
At the heart of the chip-based transactions lies EMV—a standard originally created by Europay, Mastercard and Visa, currently managed by EMVCo—for the stakeholders of payment ecosystem to ensure security and global acceptance.The EMV standard encompasses not only the chip-based cards but also the payment acceptance devices like point of sale (POS) terminals and automated teller machines (ATM).
Over couple of years now Bangladesh started adopting EMV technology to enhance the security of the growing card transactions and almost 60% of the banks in Bangladesh are estimated to be EMV-ready now.
From a broad perspective, EMV migration involves the entire testing and certification of an EMV solution which is to be conducted prior to the deployment. This process consists of testing payment card,issuer and acquirer host systems, card personalization,payment acceptance terminal,and most importantly the interface testing with corresponding payment network, along with the required certifications at various stages.
Certification of EMV payment cards and terminals are covered by EMVCo certification and payment brand certification. For years EMVCo has been managing the Level-1 (L1) and Level-2 (L2) certificates, collectively known as Type Approval.The certification scope varies based on the card interface—contact and contactless. On top of EMVCo L1 and L2 certification, the payment brands got their own product certification process known as Level-3 (L3) and they provide the final approval given that their specific requirements are properly met.
Once the payment application for a card product is approved, it is personalized and tested according to the payment brand specification. Personalization verification can either be tested by the payment brand itself or through their accredited test laboratories.The issuer can also use test tools developed by the test laboratories during their product preparation phase to reduce the number of iterations for evaluation with the payment brands, which will eventually reduce time,as well as the certification cost.
Among the accredited test laboratories of the payment brands, the Underwriters Laboratories (UL) is vastly experienced and well-reputed. Their test tools passed the qualification processes and requirements for functional evaluations of major payment brands.For validation of the chip card personalization, UL offers Personalization Validation Tool (PVT) and for the terminal testing they have Brand Test Tool (BTT) for years now.
Kona Software Lab Ltd. is the authorized regional reseller of UL test tools and services; and is closely working with the banks and financial institutes to accompany them in their EMV testing & certification services. Kona has around 100 plus trained and experienced engineers to provide all sorts of required support to the banks and financial institutions. Kona has already provided these sorts of services to more than 15 banks and financial institutions in Bangladesh.
The author is the Senior Manager, Research & Development at Kona Software Lab Limited.
- “The Wolf of Wall Street: A Cautionary Tale of Excess and Greed” - March 3, 2023
- Hola gives the people of Bangladesh free access to a world of online content with the launch of its Hola Browser - January 27, 2023
- Don’t stop cultivating cash crops but increase production in unutilized lands: PM - January 13, 2023