Encryption is the process of encoding data so that it is unintelligible to those who don’t have authorisation (or the ‘key ’) to access and read the information. Encryption protects sensitive data – such as a cardholder’s PIN and card-unique transaction authentication keys – that must be loaded onto a card during ‘personalisation’ prior to issuing the card to the cardholder.
In this Q&A post, Michael Ward, Chair of the EMVCo Security Working Group, provides an insight into the role EMVCo plays in protecting card and cardholder data on EMV® payment cards, the benefit this brings to the industry and recent work to incorporate the Advanced Encryption Standard (AES).
What role does encryption play in EMVCo’s security offering?
Michael Ward: EMVCo is involved in many different areas of payment security. We recognise that there needs to be a layered approach to tackle the increasing sophistication of payment fraudsters, the different needs of the diverse payment community and the range of payment environments that EMV technology supports.
EMV defines how during a payment transaction the card authenticates to the terminal and issuer by signing transaction data using secret keys that were loaded into the card during card personalisation. Some cards may also be personalised with a copy of the cardholder’s PIN, thereby enabling the card to verify the cardholder PIN as entered during a payment transaction. For this process, EMV also defines how the entered PIN is encrypted by the terminal, transferred to the card and then decrypted by the card using a secret key loaded into the card during card personalisation.
Although EMV transaction security is primarily about card and cardholder authentication, encryption plays an important role in support of this authentication.
Why is encryption within the card personalisation process important to EMVCo?
Michael Ward: Encryption during card personalisation ensures that card transaction keys and cardholder data are inaccessible to anyone that is not authorised. Personalising the payment card is the start of the EMV security process and needs to be completed precisely and securely. This helps protect PINs and card transaction keys from access by fraudsters who might otherwise use stolen cards or create counterfeit cards.
What does EMVCo contribute to the personalisation encryption process?
Michael Ward: EMVCo plays a supporting role in defining how card and cardholder data are encrypted onto an EMV payment card during personalisation. The operation is undertaken by approved service providers as it represents a major phase in card production and security is essential.
Before EMVCo’s involvement, there were numerous methods of personalising EMV payment cards and many vendors provided different systems. Each time a card was developed, or new payment application released, issuers and personalisation vendors invested time and money to develop the corresponding personalisation process. Cards were typically using proprietary commands, which could make it difficult for card issuers to source cards from alternative suppliers or bureaus.
To address this, EMVCo defined a uniform approach to standardise the card personalisation process to enable faster, more efficient, and more economical solutions. The technical document was named the EMV Card Personalisation Specification (CPS), the first version of which was published in 2003.
What benefit does the CPS bring to the payment community?
Michael Ward: Providing clear guidance through a detailed specification encourages lower set up costs, faster time to market, and a greater choice of supplier for card issuers, both in terms of the card and personalisation bureau.
Most importantly for the industry, it makes it easier for card issuers to switch suppliers.
An update to the CPS has recently been published on the EMVCo website. What is new in this version?
Michael Ward: The CPS previously detailed the use of the Data Encryption Standard (DES) when personalising EMV cards. The updated specification now defines how the Advanced Encryption Standard (AES) can be used.
This is a newer more efficient encryption standard which offers various key lengths and improved security.
Why is this update needed? Is 2-key Triple DES no longer sufficient?
Michael Ward: EMVCo works to support technology evolutions that enable the EMV payment community to offer robust protection to cardholders. 2-key Triple DES is a 1990’s strengthening of a 1970’s algorithm (DES), which by that time was no longer secure. 2-key Triple DES still provides sufficient security for EMV, but AES is a newer, stronger design, is standardised by NIST and ISO, and offers better performance.
EMVCo does not work in isolation and aligns with the advances of other industry standards bodies. We recognise that AES is now used widely within the marketplace and it is important to ensure that this is appropriately referenced and defined within our specification so the industry benefits of the CPS are not diluted, and supplier choice can continue to be offered to card issuers.
Additionally, two of EMVCo’s close partners, the Payment Card Industry Standards Security Council (PCI SSC) and technical body GlobalPlatform, are both showing long term support for AES.
Does this mean EMVCo will stop supporting 2-key Triple DES?
Michael Ward: No. The CPS details the use of both 2-key Triple DES and AES and will continue to do so while there is an appetite in the marketplace for both encryption standards to be used.
It is not our role to mandate or dictate which encryption standard is used. But, it is important that we define the use of both so that there is consistency in card personalisation services and an ability to switch suppliers.
What is next for encryption and CPS?
Michael Ward: We will continue to monitor and listen to what the industry needs. At present, AES is a de-facto standard for encryption, and we are delighted to align the CPS to this. If the EMV community highlights new requirements or technical evolutions which are expected to be used on a mass market scale to deliver seamless payments, then this will be reviewed, and updates considered accordingly.
 A secret value that controls the decryption algorithm.