After After several months of research, 16 banks representing five European countries (Belgium, France, Germany, the Netherlands and Spain) approved the official launch of a new European payment scheme called the European Payments Initiative (EPI).
You missed chapter 1? Read it.
You missed chapter 2? Catch up.
Chapter 3: technological context
The implementation of EPI requires a good understanding of the entire payment ecosystem in Europe. This includes a comprehension of multiple domestic constrictions, as well as the underlying technologies necessary for the operation of such a payment network.
Having better control of the payment chain, EPI will be able to facilitate omnichannel customer journeys while maintaining a high level of security. This simplifies compliance with PSD2’s Strong Customer Authentication (SCA) requirements.
Arnaud Crouzet
VP Security & Consulting at FimeThe technological roadmap
Converging the payment systems of banks, merchants and payment service providers (PSPs) requires wise and sustainable technical choices. These choices will be the subject of evaluation and are already included in EPI's technical and operational roadmap.
The entire payment chain must be considered, from the issuance of the means of payment, to the acquisition of the transaction, including the merchant acceptance network, processing and compensation.
The current domestic cards could be gradually replaced by “EPI” cards, that would no doubt also be co-badged with international networks. A transition phase would have to be taken into account so that any new EPI cards can be accepted by the acceptance networks in place.
EPI-ready technologies
Luckily, the technical solutions that could meet EPI’s needs do not necessarily need to be created from scratch. Most of the solutions already exist and are ready to be implemented.
The transactional core of the EPI will be based on Instant Payments (SCT Inst), the infrastructure of which is already live and operational.
On the POS terminal side, several open kernels could be considered:
PURE proposed by Thales BPS
WISE from the White Label Association (WLA) by Idemia and G+D [1]
CPACE, a generic card and mobile kernel created by the ECPC (European Card Payment Cooperation) [2]
On the acceptance side, nexo standards protocols based on ISO 20022 meet the desired interoperability requirements in Europe. As seen previously, the protocols have been chosen by renowned banks and merchants for the deployment of homogeneous payment solutions to simplify payment acceptance management and reduce costs.
Likewise, for the "acquirer to issuer" component, ATICA [3] appears to be the best solution which allows for a complete payment chain based on ISO 20022.
Boosting innovation with new technologies
EPI should also choose its tokenization solution, especially for the mobile wallet service and integration into XPay, and potentially also in the context of Request-to-Pay and for PAN [4] - IBAN [5] conversions.
For the management of strong authentication via EMV®* 3DS, EPI could set up a dedicated Directory Server. Having better control of the payment chain, EPI will be able to facilitate omnichannel customer journeys while maintaining a high level of security. This simplifies compliance with PSD2’s Strong Customer Authentication (SCA) requirements.
Additionally, biometric technologies have evolved significantly in recent years and could become an element increasingly used for authentication to prevent fraud while limiting disruption of the payment experience. Depending on the use case, several types of biometrics are possible, including:
Physiological biometrics, linked to characteristics of the person such as fingerprint, palm, face, iris and voice.
Behavioral biometrics, linked to dynamic behavioral characteristics, such as the way someone moves, gestures and types on the keyboard.
Current advances make it possible to couple biometrics with artificial intelligence to ensure security while keeping the payment experience simple, intuitive and seamless.
EPI will need to maintain a consistent environment across all the solutions deployed for the various participating players and processors. It is therefore necessary to set up a dedicated certification body to outline rules, definitions, test plans, specific test tools and a dedicated organization for obtaining certification.
Benefiting from evolving technologies, EPI could rely on modern, scalable test solutions and "machine-readable" scripts to facilitate the deployment of innovative payment solutions.
Paving the way for digitalization in Europe
Several factors come together to make the ambitious project of EPI a success politically, economically and technologically.
Supported by several national and European organizations, including the European Commission[6], EPI is fully aligned with Europe's management roadmap for digital payments.
The next nine months will be fundamental in ensuring that this European initiative succeeds.
To learn more about the European Payments Initiative, read our three-part blog series on the project on our website. Download the full report here.
*EMV® a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.
[1] G+D - Giesecke+Devrient
[2] ECPC – European
Card Payment Cooperation - web site
[3] ATICA – ISO TC 68
/ SC 9 / TG 1 details and here
[4] PAN - Primary
Account Number - Number identifying a payment card. For more details, refer to
payment training in English, and the innovative full digital “serious game” EMV
training (introduction video)
[5] IBAN - International Bank Account Number
[6] The European
Commission welcomes the initiative to launch a European payments initiative
(EPI) here
Stay tuned with Fime.
