Log in or Register for enhanced features | Forgotten Password?
White Papers | Suppliers | Events | Report Store | Companies | Dining Club | Videos
Banking Business Review
Return to: BBR Home | Suppliers

European Multi-Application EMV Cards

Published 08 June 2009 | By Cryptomathic

Crédit Agricole has undertaken one of the world's biggest multi-application EMV issuing projects to date. Every fourth cardholding bank customer in France is receiving new chip-enabled credit and debit cards for domestic and international use from Crédit Agricole. The project has been one of the first to implement common personalisation – a new standard introduced by Visa International and set forth by EMVCo.


CEDICAM and EMV migration

The Centre d'Échanges de Données et d'Informations du Crédit Agricole Mutuel (CEDICAM) is jointly owned by Crédit Agricole SA and the Crédit Agricole Regional Banks. The company is the Crédit Agricole Group's specialist in automated payment systems and management of financial flows.

CEDICAM has been commissioned to issue the new EMV credit and debit cards to the entire card base of Crédit Agricole, which holds more than 12 million cards. The new cards feature domestic and international applications, as well as an e-purse.

The EMV migration began in the last quarter of 2004 with EMV 96 static data authentication (SDA) cards and CEDICAM issued EMV 2000 dynamic data authentication (DDA) cards in the second quarter of 2006. Future plans include preparing the cards for the Mastercard card authentication protocol (CAP) application for use of the cards with unconnected token-readers for high-security internet banking.

Crédit Agricole has previously been issuing chip payment cards to its clients and, although these are generally accepted today for domestic transactions, they are not EMV compliant. The bank has now combined the existing cards with EMV chip applications in line with the 2005 European deadline set forward by MasterCard and VISA.

EMV compliance ensures card applications comply with the payment systems while guaranteeing security and interoperability.

CEDICAM has upgraded its card product platform to EMV, and Cryptomathic was selected to deliver a solution that meets the new requirements in the existing environment. Cryptomathic was able to meet the challenges posed by CEDICAM by offering maximum security and the latest technology, such as common personalisation and DDA, while allowing CEDICAM to integrate the solution into the local French banking environment – customised for national needs and purposes.


Single card – multiple applications

CEDICAM issues multi-application smart cards that carry the French applications B0' and Moneo, as well as both a domestic and an International EMV debit and credit application - either VISA or MasterCard depending on the card brand.

CEDICAM is an experienced pioneer in smart cards and is very successful in leveraging the benefits of multi-application smart cards, which create value to card holders and card issuers over single-application cards.

One of the features that provides smart card holders with real value is the possibility of having several applications residing on one payment card. It also adds customer value by offering card holders a wide range of functions.

The issuing banks benefit from multi-application cards because they can target individual card holders, which is essential for building strong customer relationships and reducing marketing costs.


Solution overview

The solution chosen by CEDICAM is Cryptomathic CardInk, a second-generation data preparation system. BULL is the prime contractor and integrator and provides the technical support.

The production involves a number of entities. CardInk performs the data preparation for EMV, Moneo and the magnetic stripe data. The Datacard data preparation process (DPP) is used to manage the entire card production process, which is completely automated.

CardInk is integrated into the DPP as a black box. The data produced by CardInk is written on to smart cards by a series of high-volume DC 9000 and MAXSYS personalisation systems.


Solution implementation

Cryptomathic meets the requirements of CEDICAM through a scalable and flexible data preparation solution while exceeding security standards imposed by the payment scheme providers and the national banking organisation.

CardInk is developed as a two-part client/server system. While the cryptographic keys and overall security are managed in CEDICAM's main location, the production site is located in another area of France. This physical separation between operations is possible through the configuration of separate CardInk installations that support one-time set-up and remote management.

The ultimate production requirement at CEDICAM is almost 100,000 multi-application smart cards per day. This high capacity is ensured by a solution consisting of several CardInk servers that operate in parallel. Each server is capable of preparing data for several thousands of multi-application smart cards each hour.

The servers are synchronised and the production environment is very redundant. The approach is modularly scalable and allows for higher capacities in relation to future issuing requirements.


Secure issuing and system management

With the support for DDA, the cards issued by CEDICAM have maximum security. DDA denotes the type of authentication used during transactions and is the highest possible level of security within EMV. DDA requires that a private key used for securing card integrity and encrypting information, such as PIN-codes, resides on each card.

To accommodate this functionality, CEDICAM has chosen an architecture consisting of five CardInk servers with 15 IBM4758 hardware security modules (HSMs). HSMs are used to handle cryptographic data in a highly secure tamper-resistant environment so the keys will never be disclosed in clear text.

The CardInk security architecture enables CEDICAM to manage cryptographic keys on a CardInk key management server and distribute them on to CardInk production servers by encrypting key files.

On the key management server, keys are loaded into HSMs via secure PIN-pads that are interfaced directly with the HSM. This adds security and eliminates risks as CEDICAM only uses trusted clients.

The standard security of CardInk is also compliant with CEDICAM's internal procedures, where security management and daily production are physically separated. Audit logs are MAC'ed and encrypted, and the secure client server communication uses AES for encryption.

Finally, CardInk supports exchange of cryptographic keys with the French bank organisation Groupement des Cartes Bancaires. This exchange is mediated through the BULL system CGDC-BNTng.