SIGN UP LOG IN

Working Groups

EMVCo has established several working groups and testing groups to carry out the organisation's work

Card Approval Working Group

The CAWG is chartered with the following:

  • Define, develop and maintain type approval processes and testing methodology for;
    • CCD and CPA compliant cards (Contact Level 1 and Level 2 (CCD/CPA))
    • Mobile Products (Contactless Level 1 and Level 2 (PPSE/AAUI))
  • Define, develop and maintain testing methodology for Contactless Level 1 for cards
  • Support, evaluate and approve;
    • CCD and CPA compliant cards (Contact Level 1 and Level 2 (CCD/CPA))
    • Mobile Products (Contactless Level 1 and Level 2 (PPSE/AAUI))
  • Define the qualification requirements and qualifies test tools implementing EMVCo testing methodology for Level 2 CCD/CPA, Level 2 Mobile PPSE/AAUI, Level 1 Electrical and Protocol, and Level 1 Analogue and Digital
  • Define the accreditation requirements and accredits test laboratories performing EMVCo testing for Level 2 CCD/CPA, Level 2 Mobile PPSE/AAUI, Level 1 Electrical and Protocol, and Level1 Analogue and Digital
  • Define the accreditation requirements and accredits auditors supporting EMVCo testing for Level 2 CCD/CPA, Level 2 Mobile PPSE/AAUI, Level 1 Electrical and Protocol, and Level1 Analogue and Digital
  • Respond to type approval and testing related queries and issues
  • Implement plans related to the above areas as defined by the Board of Managers

Interoperability Working Group

The Interoperability Working Group of EMVCo is chartered with the following:

  • Research and analyse reported issues and manage resolution to appropriate EMVCo working group or payment system
  • Proactively lead EMVCo working groups to resolve and prevent recurrence of interoperability issues by suggesting and endorsing changes
  • Review/approve resolution plans (e.g. spec change, test case updates, temporary workaround) and monitor progress of EMVCo changes and field resolution
  • Communicate to the industry regarding known field issues by publishing the IWG Issues List and Best Practice documents
  • Respond to interoperability-related queries received via the website
  • Develop and implement processes related to the support of interoperability as defined by the Board of Managers

Level 1 Working Group

The Level 1 Working Group of EMVCo is chartered with the following:

  • Maintain and enhance existing EMV® Level 1 specifications for both contact (Book 1) and contactless (Book D)
  • Provide and maintain the minimal Level 1 interoperability requirements for contact and contactless applications
  • Respond to Level 1 specification-related queries
  • Publish ongoing bulletins, errata and application notes when required
  • Potentially take on Level 1 related work items assigned from other working groups and task forces

Level 2 Working Group

The role of the L2WG is to maintain existing EMV® Level 2 specifications for both contact and contactless and within this capacity the working group’s activities include the following:

  • Maintain and enhance the Level 2 specifications for contact chip (application selection, Books 3, 4) and contactless (Books A, B and C’s)
  • Maintain the CPA specifications
  • Maintain the CPS
  • Provide and maintain the minimal Level 2 interoperability requirements for contact and contactless applications
  • Respond to Level 2 specification-related queries
  • Publish ongoing bulletins, errata and application notes when required
  • Potentially take on Level 2 related work items assigned from other working groups and task forces
  • Maintain and enhance the PPSE specification and other Mobile related documents (Card Manager Application white paper)

Level 3 Testing Group

The L3TG is chartered with defining a standardised set of L3 Test Tool components and interfaces, and the establishment and support of a centralised L3 Test Tool qualification service to qualify these components.  The charter also calls for further streamlining of the L3 testing execution process by making centralised services available for service provider accreditation and test result submission.

Security Working Group

The Security Working Group of EMVCo is chartered with the following:

  • Support and maintain elements of the specifications and guidelines related to security, primarily EMVCo Specification Book 2 as well as the security-related portions of Book 3 and Book 4.  This includes assessing emerging threats and vulnerabilities as related to the specification
  • Conduct an annual risk assessment regarding the strength of the RSA key lengths, which results in the annual RSA key length review bulletin
  • Assess other cryptographic algorithms include hashing algorithms, elliptic curve cryptography (ECC), Triple DES, and AES
  • Respond to security-related queries received via the website
  • Implement policy related to the above areas as defined by the Board of Managers
  • Liaison with other industry and standards bodies that impact EMV® security requirements

Security Evaluation Working Group

The Security Evaluation Working Group is chartered with the following responsibilities for integrated circuits (ICs), Platforms (IC + OS), Common Payment Application (CPA) and Common Core Definition (CCD) products:

  • Maintain and enhance the security evaluation process, which includes vendor relations, security lab recognition program, review of security evaluations,  product approval, and listing/delisting of approved products
  • Define and maintain security guidelines, which includes
    • Assessing emerging threats and vulnerabilities
    • Participating to the JIL Hardware Attacks Subgroup (JHAS) working group meetings and discussions to facilitate industry alignment
  • Respond to security-related queries received via the website
  • Manage software-based mobile payment activities
  • Implement plans related to the above areas as defined by the Board of Managers

Terminal Approval Working Group

The TAWG Working Group is chartered with the following:

  • Define and implement test plans based on the EMV® specifications
  • Define Tool qualification processes
  • Qualify test tools implementing EMVCo test cases
  • Define EMVCo Terminal Approval administrative processes
  • Define laboratory accreditation process
  • Define Auditor qualification process
  • Accredit & monitor laboratories implementing EMVCo processes
  • Manage the TAWG secretariat, Vendor’s contract signature and the issuance of the Letter of Approval (LoA)
  • Monitor the operational activity and manage its test process & tool updates
  • Identify and implement Terminal Approval process improvements
  • Respond to terminal  type approval related queries and issues
  • Liaise with other working group to better standardize processes

Tokenisation Working Group

The TWG of EMVCo is chartered with the following responsibilities:

  • Writing, maintaining, and enhancing the EMV® Payment Tokenisation Specification
  • In collaboration with other EMVCo Working Groups and outside industry bodies, develop processes for the following:
    • Defining the acceptance infrastructure
    • Establishing security requirements
  • Responding to payment tokenisation-related queries and issues
  • Implementing policy related to the above areas as defined by the Board of Managers.

3-D Secure Testing Group

The 3DSTG of EMVCo is chartered with the following responsibilities:

  • Define, maintain and enhance the testing and approval process
  • Define and make sure the testing infrastructure is available by defining the test plan and managing the testing platform development. The group is also responsible for the maintenance of the testing infrastructure
  • Establish laboratories availability and qualification related to EMV® 3-D Secure 2.0 specification and associated bulletins made available by 3DSWG
  • Provide necessary inputs to the 3-D Secure operational secretariat for the testing and approval process

3-D Secure Working Group

The 3-D Secure WG is responsible to:

  • Write, maintain and enhance the next generation 3-D Secure online payment
  • In collaboration with other EMVCo Working Groups and outside industry bodies, develop processes for the following:
    • Defining the 3-D Secure infrastructure
    • Establishing security requirements
  • Responding to 3DS-related queries and issues link to specifications

 

To accomplish this goal, the 3DSWG will interface with all EMVCo Working Groups, Business Associates, and Technical Associates to ensure that all necessary technical functionality and business use cases are included.