EMV is a payment system specification for credit/debit chip cards and devices designed to perform credit/debit transactions using these chip cards. The EMV specification was jointly developed and maintained by Europay International, Mastercard International, and Visa International (hence, “EMV”). The stated purpose of the EMV specification is to ensure worldwide interoperability between the chip cards and any terminal used in the credit/debit transactions. Compared to magnetic-stripe based credit/data card transactions, EMV is considered by most people to be a more secure payment system. For more information regarding the EMV specification, the reader is referred to EMV 2000 Book 1 from EMVco.
In a typical EMV transaction, there are mainly three parties involved: a buyer or user who is the cardholder, a merchant, and a bank or other financial institution that is the EMV issuer. Briefly, the buyer initiates the EMV transaction by inserting an EMV compliant chip card (or a device that uses the chip card) into an EMV payment terminal at the merchant. The payment terminal may be, for example, a Point of Sale (POS) terminal equipped with a chip card-reader and EMV access software. This payment terminal obtains the user and chip card information and sends the information to the EMV issuer to be processed. The EMV issuer processes the information and completes the EMV transaction by crediting the merchant and debiting the buyer's account accordingly. Such a transaction is called a “local” or “local environment” transaction because there is no direct connection between the chip card and the EMV issuer.
But the market uptake for the EMV specification has been fairly low. This is due, in part, to the reluctance of merchants and their POS terminal suppliers to upgrade their software and hardware infrastructure to support EMV. Recently, however, Visa Europe and Mastercard Europe have announced that beginning in January 2005, liability for transactions will shift from the card issuer to the merchant. This means that any party not EMV compliant after January 2005 will bear the liability for fraudulent transactions passing through their system that otherwise could have been prevented had EMV been supported. It is expected, therefore, that there will soon be a dramatic increase in support by merchants and POS suppliers for the EMV specification.
One way to increase market penetration for the EMV specification is to enable more devices to conduct EMV transactions. Mobile terminals in particular may help facilitate acceptance of the EMV specification because of their widespread usage and convenience factor. Examples of mobile terminals include smart-cards, mobile phones, personal digital assistants, laptop computers, and the like. Unfortunately, the currently existing EMV payment protocol was designed for use primarily in “card present” situations, such as with a card-reader. There have been attempts by various standards bodies to modify the existing EMV specification for local mobile payment transactions, but these attempts have met with little market acceptance because either the methods were cumbersome or they made little business sense.