Enabling Connections…Finding Solutions…Researching Technology

The Future of Payments PCATS Annual Conference

Gray Taylor Executive Director PCATS gtaylor@pcats.org

Terence Spies Chief Technology Officer Voltage Security terence@voltage.com

The Future of Payments PCATS Annual Conference

Snapshots…

• Est. $550B industry sales • Continued Privatization

– Prepaid will eat cash sales – ACH will feed off debit

• Cost “holiday” from Durbin 3

Source: Nilson Report, NACS

Industry Card Costs to 2017

$12.3

$10

$11

$12

$13

$14

$15

$16

$17

$18

$19

$20

2012 2013 2014 2015 2016 2017

Billi

ons C

ard

Cost

P.A.

No Durbin Durbin Durbin Recast

Sources: Nilson Report, NACS CPP

$5.6B

$8.2B

Saved $.73B 2012

• Durbin “1” was flawed, but good • Durbin done right is essential! • Routing will be accretive (TBD)

Takeaways: • We have a lot of work to do with the Fed in 2014 • How might we fully leverage routing?

Payments in Flux – The Perfect Storm Big Theme

1. Digitization of payments 2. Redefining retail banking 3. Consumerization 4. Alternative currency 5. Authentication 6. Many to many, “Cloud” 7. Paucity of standards/regs

Risk/Opportunity 1. Digital = “for profit” 2. Consumer attitudes on payments 3. BYOD defining society & payments 4. Will drive mobile adoption 5. Analog to digital ID, new “trust” 6. Traditional net structure destroyed 7. “Wild West” scenario

Market dominants are at significant risk – so are we…

Funding

Check

Credit

ACH/Transfer

Debit

• Ubiquity is essential • Settlement essential • Trust is essential • Security essential • Funding clashes with method

Funding Systems Method

Systems

MagStripe

Check

Coupon

New methods?

• Ubiquity is essential • USER EXPERIENCE!! • Standards essential • Security essential • Authentication is essential • HIGHLY DYNAMIC - Mobile

Payments Ecosystem – Business & Consumer

Currency $

DDA

Prepaid

Credit Line

• Can be consumer or business • Does not have to be a “bank” • Not too dynamic – BitCoin? • Trust is essential • Highly regulated

Interchange is Hosed (long live interchange)

• Level playing field gone – Cards will seek to

maximize revenue in (small) niches

– MC Codes mean nothing – Cards have released

banks to do bilaterals – Cost complexity ↑

• Routing needs volume

Size matters

Estimated Card Sales - 20121 Wal-Mart $131.48 2 Costco $56.83 3 Shell $46.60 4 Target $43.18 5 Chevron $40.49 6 The Home Depot $39.61 7 Kroger $36.87 8 Walgreen $32.51 9 CVS Caremark $31.84

10 Amazon.com $30.97 11 Lowe's $29.62 12 ExxonMobil $28.42 13 CITGO $28.42 14 Phillips $26.25 15 BP $24.85 16 Apple Stores / iTunes $21.60 17 Best Buy $20.65 18 McDonald's $17.80 19 Macy's $16.57 42 7-Eleven $4.28

The Underbanked

• Many consumers… – Can’t qualify or afford DDAs – Don’t want DDA – Pay predatory fees

• Often more than $600/year

– Demographic: Bubba/Bubette

• Underbanked are… – Adopting general purpose

prepaid cards as alternative – Customers of non-FI entities – Not prime targets for

decoupled

9

Underbanked Services Fit Retail • Underbanked…

– Seek SPENDING solutions – Need to load/unload card

• Convenience important

– Shop Omni-channel

• Retailers… – Need financial “quality”

to offer – Need systems to support – Have to load and unload – Be convenient

10

Why Walmart Wants to be Your Bank • Cost: Cash customer moving to

unregulated prepaid • Contact: Consumer touch point • Profits: Issuing is profitable

– 1 million Bluebird cards (AMEX) – 1.4 MasterCard payroll cards – Largest seller of Visa GPR cards – Repeat store visits for reloads – Path to other financial services – New:

• AMEX Serve • In-chain money transfer

11

US Mobile “Regulatory” Landscape

Broadcast

Payment

Security/Privacy

Federal Trade Commission Department of Commerce States / Attorneys General

Consumer Financial Protection Bureau

Federal Reserve System Treasury (incl. FinCen, IRS)

Office of Comptroller of Currency Department of Agriculture (EBT/SNAP) Federal Deposit Insurance Corporation

National Credit Union Association Consumer Financial Protection Bureau

Department of Justice

Card Brands EMV PCI

SmartCard

Card Brands EMV

Mobile Operators

ANSI X9 -> ISO NIST W3C

ANSI X9 -> ISO NACHA

Federal Communications Commission Food & Drug Administration

IEEE Bluetooth

NFC

Use

Federal Communications Commission Nat’l Highway Traffic Safety Admin.

State DOT

Regulators Private Regulators Standards

Mobile Security Best Practices - BITS

In reality…

DATA SECURITY IN THE NEW AGE Terence Spies

Introduction

• Security is simultaneously becoming: – More crucial to understand – More complex – Generally more terrifying

Cryptography

• Data security is driving short term changes – Protection of legacy payment architecture

• Data security is driving long term changes – Future payment architectures

• Cryptography is the backbone of this shift

1978 1960 2013

Why do breaches happen?

• One fundamental flaw of payment (and other identification schemes): Symmetry – To make a payment, I need a PAN – To verify a payment, the Bank needs a PAN

Symmetry allows attackers to imitate payers by

stealing information from verifiers.

The Classic Model

Payer Payee Bank PAN PAN

Attacker

Absent authentication or privacy, attacker simply recycles PANs

Physical Symmetry…

Make insecurity a business model?

Compensating for symmetry

• As long as systems are symmetric, we need to restrict verification.

• Most common example: PINs

X84%#$1vE

Compensating for symmetry

• Restricting PANs is not so easy…. – Payment systems have evolved to use clear PANs – Fraud detection, receipt printing, loyalty,

recurrence, refunding, etc.

• Two strategies – Encrypt the PAN (Tokenization) – Add an authenticator (EMV)

EMV Authentication

PAN + AC PAN + AC

POS Terminal Intermediate Systems Trusted Host

Card Key + Transaction details => cryptogram

Encryption and Tokenization

Encrypted PAN

Encrypted PAN

Token

POS Terminal

Intermediate Systems

Trusted Host

Encrypted PAN No 1:1 correspondence with PAN Token 1:1 surrogate value for PAN

Securing Storage

Credit Card 934-72-2356

Tax ID

Regular AES

FPE / Token 7412 3423 3526 0000

8juYE%Uks&dDFa2345^WFLERG

298-24-2356

7412 3456 7890 0000

Ija&3k24kQarotugDF2390^32

Format preservation in tokenization and encryption processes enables existing processes to work with minimal changes and access to keys.

Standards Efforts

• Encryption – X9.119 part 1 (and PCATS efforts) – X9.124 (Format Preserving Encryption)

• Tokenization – X9.119 part 2 – EMVCo spec for “payments tokens” – PCI efforts

PAN Storage

Storage Deindentification Key: Protect Inbound Deprotect inbound

Partially deprotect

Keep In Mind…

• Tokenization can create uncomfortably close relationships!

• Once a token is established, undoing the mapping is difficult.

Is there an alternative to symmetry?

The Public-Key Model

Remit: $5 From: 5678-90241 To: 4234-23123

Remit: $5 From: 5678-90241 To: 4234-23123

Signature: 5FA439CD2144…

Remit: $5 From: 5678-90241 To: 4234-23123

Signature: 5FA439CD2144…

Sign

Verify

The Public-Key Model

Remit: $5 From: 5678-90241 To: 4234-23123

Remit: $5 From: 5678-90241 To: 4234-23123

Signature: 5FA439CD2144…

Remit: $500 From: 5678-90241 To: 4234-23123

Signature: 5FA439CD2144…

Sign

Verify

Breaking Symmetry

• Nothing to steal at the verifier! • No hard requirement for transaction privacy • Transactions do not reveal secrets

Downsides?

– Computationally harder – Messages are somewhat larger (~100s of bytes) – Disrupts existing business models….

Public Key in the Real World

• Website authentication • SWIFT transaction signing • P2P Encryption key management

• Enables transition to much more convenient

mobile wallet scenarios

Two Models

• Symmetric – Transaction completed by verification of a secret – Inherently centralized (one secret holder)

• Public Key – Transaction completed by signature verification – No more secrets, but central verifier – Some trusted party maintains the ledger

Can we take this one step farther?

What is a ledger?

A verified history of transactions, from which we can derive balances …..

Centralized ledgers

• Account balances, credit, etc. all extend from trusted ledgers maintained by banks and other FIs

• The security function of a bank is to allow only authorized modifications (credits and debits) from that ledger.

• That function is done with walls, guards, IT controls, and business rules.

But…

Remit: $500 From: 5678-90241 To: 4234-23123

Signature: 5FA439CD2144…

Verify

Public key signatures defend themselves…we don’t need guards or firewalls if we believe the signing keys are safe…

Ledger = A group of transactions

Remit: $500 From: 5678-90241 To: 4234-23123

Signature: 5FA439CD2144…

Remit: $145.66 From: 5551-2001 To: 4234-23123

Signature: 6411339FE41…

Remit: $213.45 From: 5678-90241 To: 1234-23434

Signature: 98324A344588…

Remit: $100.11 From: 5611-11234 To: 4599-23244

Signature: 67812FA432435..

….this record could be public!

If only….

there was some way to keep bad transactions (double spending, cancels) out of the record of signed transactions!

Uh oh…

Bitcoin?

• The bitcoin paper offers a way to build “distributed consensus” on a public ledger, also called a “blockchain.” – Miners compete to get rewards for validating

transactions.

• Outside of opinions about bitcoin as a currency, this points to the ability to build all kinds of decentralized payment vehicles.

How Do I Pay With BTC?

• Users have wallets which contain signing keys • A transaction consists of a signed message:

Remit: 5.0 BTC From: 5678-90241 To: 4234-23123

Signature: 5FA439CD2144…

Sender Key ID

Recipient Key ID

This is all pretty conventional…

Where does it go?

• In previous systems, it would go to a trusted authority (DigiCash, etc.)

• In bitcoin, we send it to everyone • Transactions sent to all nodes

– “Miners” compete to validate transactions – New validated transactions become a block

• Like a page in the ledger

– Finding a valid block awards new BTC

Sample blocks & transaction

Competition

• Basis: Competiting consensus instead of centrality

• How much competition?

Modern Mining

Does This Make Any Sense?

• Maybe not.. • But the idea of distributed consensus is

driving hundreds of applications – Voting – Internet name binding – Contracts – Payments?

Conclusions

• The somewhat vintage design of the payment system makes security a challenge

• Payment Security will evolve in phases: – Now: P2PE and Tokenization – Near-future: EMV and Tokenization – Future: Public key? Cryptocurrencies?

PAYMENTS ARE TECHNOLOGY… TECHNOLOGY IS POLICY

Terence Spies

• PCATS/NACS advocate government endorsement… – Government adoption of payment standards, NOT EMVCo

or PCI – Payments as a matter of national security

• Open dialogue between stakeholders

– Payment platforms a matter of economic health • “Frictionless” economy through digitization

• Improve relationships with regulators/agencies – Drive for open and comprehensive “wallet” – Federal reserve (Durbin revisions, payment platforms) – Organize stakeholders: DoD, DHS, State Department, States

Spheres of Advocacy

• Congress • Homeland Security, Energy and Commerce, Financial Svcs

• Regulators • Federal Reserve Board(s)

– Kansas City FRB: Payment Card Fraud Costs – Philadelphia FRB: Payment Card Security – Boston/Atlanta FRB: Mobile Payments – Minneapolis FRB: EMV Standardization

• Agencies • Federal Trade Commission • Treasury • Department of Homeland Security • NIST • Law enforcement & intelligence (FBI, NSA, CIA)

• Standards groups

NEW Playing Fields: • Financial Services Roundtable • The Clearing House • NACHA • ABA

Rational Policy: A Roadmap

• Our system is broken, and we are at risk: – Payments are critical to our national security – Authentication of account is meaningless – There are no “clean” computing environments

• We need a stakeholder-driven strategy: – Accredited standards developed in transparency – Less focus on business models, more on what’s right – America to lead the world to next generation

payments – Secure transactions in the “dirtiest” of environments – Protect privacy through secure authentication

Thank you – Questions?