Working Groups

Card Approval Working Group

The CAWG has the mission to develop card and mobile type approval processes and testing methodology for the following:

  • Card Contact Level 1 (electrical and protocol) as defined by EMVCo Specifications
  • Card Contact Level 2 (functional) as defined by EMVCo CCD and CPA Specifications
  • Card Contactless Level 1 (analog and digital) based on EMVCo Contactless Communications Protocol Specification (testing methodology only)
  • Mobile Contactless Level 1 based on EMVCo Contactless Communications Protocol Specification
  • Mobile Contactless Level 2 as defined by EMVCo Contactless Mobile Payment – Application Activation User Interface ([AAUI])

To fulfil its mission, the CAWG is chartered with the following:

  • Define, develop and maintain type approval processes and testing methodology for;
    • CCD and CPA compliant cards (Contact Level 1 and Level 2 (CCD/CPA))
    • Mobile Products (Contactless Level 1 and Level 2 (PPSE/AAUI))
  • Define, develop and maintain testing methodology for Contactless Level 1 for cards
  • Support, evaluate and approve;
    • CCD and CPA compliant cards (Contact Level 1 and Level 2 (CCD/CPA))
    • Mobile Products (Contactless Level 1 and Level 2 (PPSE/AAUI))
  • Define the qualification requirements and qualifies test tools implementing EMVCo testing methodology for Level 2 CCD/CPA, Level 2 Mobile PPSE/AAUI, Level 1 Electrical and Protocol, and Level 1 Analogue and Digital
  • Define the accreditation requirements and accredits test laboratories performing EMVCo testing for Level 2 CCD/CPA, Level 2 Mobile PPSE/AAUI, Level 1 Electrical and Protocol, and Level1 Analogue and Digital
  • Define the accreditation requirements and accredits auditors supporting EMVCo testing for Level 2 CCD/CPA, Level 2 Mobile PPSE/AAUI, Level 1 Electrical and Protocol, and Level1 Analogue and Digital
  • Respond to type approval and testing related queries and issues
  • Implement plans related to the above areas as defined by the Board of Managers

Interoperability Working Group

The Interoperability Working Group of EMVCo is chartered with the following:

  • Research and analyse reported issues and manage resolution to appropriate EMVCo working group or payment system
  • Proactively lead EMVCo working groups to resolve and prevent recurrence of interoperability issues by suggesting and endorsing changes
  • Review/approve resolution plans (e.g. spec change, test case updates, temporary workaround) and monitor progress of EMVCo changes and field resolution
  • Communicate to the industry regarding known field issues by publishing the IWG Issues List and Best Practice documents
  • Respond to interoperability-related queries received via the website
  • Develop and implement processes related to the support of interoperability as defined by the Board of Managers

Level 1 Working Group

The Level 1 Working Group of EMVCo is chartered with the following:

  • Maintain and enhance existing EMV Level 1 specifications for both contact (Book 1) and contactless (Book D)
  • Provide and maintain the minimal Level 1 interoperability requirements for contact and contactless applications
  • Respond to Level 1 specification-related queries
  • Publish ongoing bulletins, errata and application notes when required
  • Potentially take on Level 1 related work items assigned from other working groups and task forces

Level 2 Working Group

The role of the L2WG is to maintain existing EMV Level 2 specifications for both contact and contactless and within this capacity the working group’s activities include the following:

  • Maintain and enhance the Level 2 specifications for contact chip (application selection, Books 3, 4) and contactless (Books A, B and C’s)
  • Maintain the CPA specifications
  • Maintain the CPS
  • Provide and maintain the minimal Level 2 interoperability requirements for contact and contactless applications
  • Respond to Level 2 specification-related queries
  • Publish ongoing bulletins, errata and application notes when required
  • Potentially take on Level 2 related work items assigned from other working groups and task forces

Mobile Payments Working Group

The Mobile Payments Working Group of EMVCo is chartered with two key responsibilities:

  • Focus on addressing and resolving technical infrastructure issues associated with enabling contactless mobile payments (CMP), determining best practices and provision of supporting documentation
  • Take a collaborative approach to standardization efforts.  Liaise, on behalf of the payments industry, with other industry groups and market forces in CMP standardisation efforts
    • Prioritise and identify those requirements, standards, specifications and processes that:
    • Are within domain of other related standards groups or EMVCo working groups;; (this drives high priority liaison efforts)
    • Are in need of development by the MPWG and that would complement its liaison activities;
    • Provide the contactless mobile payments community with appropriate guidance in developing various parts of the mobile payment infrastructure (from the payment industry perspective)

Additionally, via the mPOS Task Force’s activity, the MPWG evaluates existing EMV specifications in light of known innovative mPOS solutions currently in existence or under development.  It provides recommendations regarding changes to the existing EMV specifications, as well as proposes new work efforts to accommodate mPOS solutions.

Security Working Group

The Security Working Group of EMVCo is chartered with the following:

  • Support and maintain elements of the specifications and guidelines related to security, primarily EMVCo Specification Book 2 as well as the security-related portions of Book 3 and Book 4.  This includes assessing emerging threats and vulnerabilities as related to the specification.
  • Conduct an annual risk assessment regarding the strength of the RSA key lengths, which results in the annual RSA key length review bulletin.
  • Assess other cryptographic algorithms include hashing algorithms, elliptic curve cryptography (ECC), Triple DES, and AES.
  • Respond to security-related queries received via the website.
  • Implement policy related to the above areas as defined by the Board of Managers.
  • Liaison with other industry and standards bodies that impact EMV security requirements

Security Evaluation Working Group

The Security Evaluation Working Group is chartered with the following responsibilities for integrated circuits (ICs), Common Payment Applications (CPA), Common Core Definition (CCD) and platforms (IC + OS):

  • Maintain and enhance the security evaluation process, which includes vendor relations, security lab recognition program, review of security evaluations,  product approval, and listing/delisting of products
  • Define and maintain security guidelines, which includes
    • Assessing emerging threats and vulnerabilities
    • Supporting the work of JIL Hardware Attacks Subgroup (JHAS)
  • Respond to security-related queries received via the website
  • Implement plans related to the above areas as defined by the Board of Managers

Terminal Approval Working Group

The TAWG has the mission to develop terminal approval processes and testing methodology for:

  • Contact Level 1 (electrical and protocol) as defined by EMVCo Specifications
  • Contact Level 2 (functional) as defined by EMVCo Specifications
  • Contactless Level 1 (analog and digital) based on EMVCo Contactless Communications Protocol  Specification
  • Contactless Product (Entry Point & Kernel C-n) based on EMVCo Contactless Specification

The TAWG Working Group is chartered with the following:

  • Define and implement test plans based on the EMV specifications
  • Define Tool qualification processes
  • Qualify test tools implementing EMVCo test cases
  • Define EMVCo Terminal Approval administrative processes
  • Define laboratory accreditation process
  • Define Auditor qualification process
  • Accredit & monitor laboratories implementing EMVCo processes
  • Manage the TAWG secretariat, Vendor’s contract signature and the issuance of the Letter of Approval (LoA)
  • Monitor the operational activity and manage its test process & tool updates
  • Identify and implement Terminal Approval process improvements
  • Respond to terminal  type approval related queries and issues
  • Liaise with other working group to better standardize processes

Tokenisation Working Group

The TWG of EMVCo is chartered with the following responsibilities:

  • Writing, maintaining, and enhancing the EMV Tokenisation Specification
  • In collaboration with other EMVCo Working Groups and outside industry bodies, develop processes for the following:
    • Defining the acceptance infrastructure
    • Establishing security requirements
  • Responding to tokenization-related queries and issues
  • Implementing policy related to the above areas as defined by the Board of Managers.