Digital Transaction Technologies Forum Presentations...Digital Transaction Technologies Forum....
Transcript of Digital Transaction Technologies Forum Presentations...Digital Transaction Technologies Forum....
Digital Transaction Technologies Forum
Friday 29 September 2017
Welcome
Digital Transaction Technologies Forum
Dr Bronwyn EvansChief Executive Officer
Standards Australia
Digital Transaction Technologies Forum
Digital Transaction Technologies Forum
Technological change
Customer demand for
real-time access to data
High degree of data turnover & redundancy
Digital Transaction Technologies Forum
Financial services have become
Australia’s largest and fastest-
growing industry, worth around $140 billion
Opportunities & challenges spring
from market disruption
Global tech companies are
emerging as the most significant
disrupters
Digital Transaction Technologies Forum
Fintech
Blockchain
New Payments Platform
Standards
Emerging technology
Mr Andy WhiteChief Operating Officer
Australian Payments Network
Digital Transaction Technologies Forum
Presentation to Digital Transaction Technologies Forum
Andy White29 September 2017
How Australia Pays
9
How Australia Pays
10
How Australia Pays
11
Source: RBA
How Australia Pays
12
Source: RBA
Contactless Card PaymentsPer cent of number of point-of-sale paymentsAll payments
2013 20160
20
40
60
% All card payments
2013 2016 0
20
40
60
%
How Australia Pays
13
Source: RBA
Other reasonDon't like the ideaSatisfied with current methods
Yes No0
20
40
60
80
%
0
20
40
60
80
%
Would You Make Mobile Payments?Per cent of respondents
How China pays
14
How China pays
15
Volume
Traditional Banks Internet Banks
Value
Traditional Banks Internet Banks
Source: PBOC
The Merchant Perspective
16
The Merchant Perspective
17
The Merchant Perspective
18
The Merchant Perspective
19
The Obligatory Mention of…
• Real-time settlement of securities
• Cross-border payments
• Japanese faster payment service
• Reconciliation of nostro payments
20
Threats: Cyber and Fraud
21
The Importance and Role of Standards
22
23
THANK YOU AND QUESTIONS
Mr Paul JenningsA/g Chief Operating Officer
EFTPOS Australia
Digital Transaction Technologies Forum
Digital transaction platformsPaul Jennings, eftpos Acting Chief Executive Officer, Sep 2017
12direct
connectors
5 ATM
connectors
21Specifications
Averaging5m
Transactions per day
Peak of 165
Transactions per second
One form factor, one channel
eftpos – embracing digital platforms
Public – Standards Australia presentation28
Images needed for• card @ POS, • CNP, • Card of file/ Secure remote commerce, • Tokenisation, • Mobile @ POS NFC/ BLE and • QR,• InApp, • InBrowser
• Add reference to Standards Australia; International Standards Association; PCI; EMVCo; ICS; domestic schemes; regulation
Mr Mario SistPrincipal Consultant
UL Transaction Security
Digital Transaction Technologies Forum
DIGITAL TRANSACTIONS TECHNOLOGIESFORUM
UL and the UL logo are trademarks of UL LLC © 2017.Proprietary & Confidential.
29 September 2017
Mario SistPrincipal ConsultantCISA, PCI QSA, PCI QSA (P2PE), PCIP, Visa Security Assessor
UL and the UL logo are trademarks of UL LLC © 2017. Proprietary & Confidential. 2
UL and the UL logo are trademarks of UL LLC © 2017. Proprietary & Confidential. 3
TECHNOLOGY 1983 - MY FIRST JOB
TECHNOLOGY 1983 - MY FIRST JOB
From Wikipedia, the free encyclopedia
AS 2805 Electronic funds transfer - Requirements for interfaces is the Australian standard for financial messaging. It is near-exclusively used in Australia for the operation of card-based financial transactions amongbanks, automatic teller machines and EFTPOS devices.
It is closely related to ISO 8583, but pre-dates it by two years (1985 vs 1987).
3
UL and the UL logo are trademarks of UL LLC © 2017.Proprietary & Confidential.
Part 1: CommunicationsPart 2: Message structure, format and content Part 3: PIN management and securityPart 4.1: Message authentication—Mechanisms using a block cipherPart 4.2: Message authentication—Mechanisms using a hash functionPart 5.1: Ciphers—Data encipherment algorithm 1 (DEA 1) Part5.2: Ciphers—Modes of operation for an n-bit block cipher algorithmPart 5.3: Ciphers—Data encipherment algorithm 2 (DEA 2)Part 5.4: Ciphers—Data encipherment algorithm 3 (DEA 3) andrelatedtechniquesPart 6.1: Key management—PrinciplesPart 6.2: Key management—Transaction keysPart 6.3: Key management—Session keys—Node to nodePart 6.4: Key management—Session keys—Terminal to acquirerPart 6.5.1: Key management—TCU initialization—Principles Part 6.5.2: Key management—TCU initialization—Symmetric Part 6.5.3: Key management—TCU initialization—Asymmetric
• Part 9: Privacy of communications• Part 10: File transfer integrity validation• Part 10.2: Secure file transfer (retail) Part 11: Cardparameter table• Part 12.1: Message content—Structure and format• Part 12.2: Message content—Codes• Part 12.3: Message content—Maintenance of codes Part 13.1:Secure hash functions—General• Part 13.2: Secure hash functions—MD5• Part 13.3: Secure hash functions—SHA-1• Part 14.1: Secure cryptographic devices (retail)—Concepts, requirementsand evaluation• methods• Part 14.2: Secure cryptographic devices (retail)—Security compliancechecklists for• devices used in magnetic stripe card systems• Part 15: ICC base stored value/inter-sector electronic purse
AS 2805 ELECTRONIC FUNDS TRANSFER
MORE STANDARDS
STANDARDS DRIVEN
UL and the UL logo are trademarks of UL LLC © 2017. Proprietary & Confidential.
UL and the UL logo are trademarks of UL LLC © 2017. Proprietary & Confidential.
8
PCI PTS, EMV L1AS2805
AS2805PA DSSP2PEBrand testing
EMV L2
Paymentapplication
Non-paymentapp Non-payment
app
EMV Kernel
Firmware / OS
Hardware
FUTURE PAYMENTS
UL and the UL logo are trademarks of UL LLC © 2017.Proprietary & Confidential.
UL and the UL logo are trademarks of UL LLC © 2017. Proprietary & Confidential. 10
PIN ON GLASS
11
BLOCKCHAIN
VOICE PAYMENT
QUESTIONS
UL and the UL logo are trademarks of UL LLC © 2017.Proprietary & Confidential.
Mario [email protected]
Expert PanelDigital Transaction Technologies Forum
Bill DoranHead of Oceania
SWIFT
Karen WebbManager, Equity Post
Trade Services ASX Group
Katrina StuartExecutive Manager
Engagement New Payments Platform
Australia
Mr Bill DoranHead of Oceania
SWIFT
Digital Transaction Technologies Forum
Standards AustraliaDigital Transaction Technologies Forum
29 September 2017
Bill DoranHead of Oceania
SWIFT
The global provider of secure financial messaging services
SWIFT Today
Secure
6.5bnFIN messages
SecondsInstitution to institution message sent anywhere in the world
3 daysApproximate annual valueworld GDP through SWIFT network
ResilientAlways available
11,000Connects financial institutions,Corporates & Market Infrastructures Globally
All currenciesEg. $, €, £, ¥ etc
200+Countries & territories
3,000Connects financial institutions, corporates & market infrastructures in Asia Pacific
6.9%Annual growth (2016)
CentsCost per message
Integration & Interfaces
SharedServices
Messaging
Our offering to the community
Standards
SWIFTNet usage in the Australian Financial System
51
AU Financial Institutions
(banking and securities)
Overseas Institutions or MI’s
Corporate Customers
LvP / Direct Entry(RBA Interconnector)
RTGS (RITS)ASX
Austraclear ASX CHESS
NPP (2017/18)
Payments
SecuritiesTreasury
Trade
Business lines
Managed Funds
CLSISO20022
ISO20022
52
Why ISO 20022?
Proprietary MT ISO 7775 ISO 15022 ISO 20022
Payments Treasury & Trade
1973Securities only
1984Securities only
1999 20042000
• Paper-based• Proprietary syntax• Point-to-point• One size fits all• SWIFT only
• Reference standard• Electronic• Open, neutral syntax• End-to-end transaction• Market practice• SWIFT + other organisations
FIN MT: Computer-processable
versions of telexes
53
What is ISO 20022?
single standardisation approach (methodology, process, repository) to be used by all financial standards initiatives
• Defines business meaning of financial concepts, e.g., ‘Credit Transfer’
Business / Conceptual
• Defines e.g. credit transfer messages, to execute the business process
Logical
• Defines physical syntax, e.g. XML
Physical
• Business models
• Data dictionary
• Catalogue of messages
Recipe to create financial standards Body of content
www.iso20022.org
All institutions have their own sets of data objects
…and groups them into ‘syntax-neutral’ message models, which...
ASN.1 FpML
… can be ‘transformed’ in message formats in the desired syntax
JSON
XML
ISO standardizes common data objects…
Using ISO 20022modelling to reach interoperability
Standards and ISO 20022 55
When and why is ISO20022 being adopted?
When?• System renewal: e.g. Target2,
SIX/CH, Fed and TCH, CHAPS, BoJNet, ASX,…
• New systems: e.g. real time payment systems such as FAST (SG) or NPP (AU)
• Corporate demand: corporate clients pushing banks to adopt
• Automation of manual processes: e.g. Funds in Australia
Why?• Richer data: regulation/compliance,
higher STP, better customer propositions
• Vendor support: more competition drive down cost, lower barriers to entry
• Lower costs for global players: one standard for transacting in multiple markets, re-use of global network infrastructure (SWIFT)
• Easier integration: XML syntax, off the shelf tools, global familiarity, injectable schemas
56
Standards are created globally and used locally: market practice and variants
ISO 20022 messages
Global market practice
Local market practice
Bank-specific practice
‘PACS’-pacs.008.001.04FI to FI Customer Credit Transfer
HVP-guidelines
Specific RTGS guidelines
Bank’s RTGS implementationwith customers/bank’sinternal specification
57
IPFA
SEPA,EU
BR
DK
US – retail division of FRB
CPA, CA
IPFA
Zengin, JP
IN
BOJNet, JP
SG
CO
PE PG
CL
UK
SADC
ZA
BN
Fed & TCH, US
Snapshot Dec 2016
FI
SAEC
BY
CIPS, CN
CNAPS2, CN
BDMY
JO
TH
XKCH
VNKH
ASEAN
ISO 20022 Adoption – Payments MI & initiatives (some examples)From discussion to implementation
T2, EU
58
EBA Instant Payment
Denmark -Nets
AU- NPP
SG -FAST
Netherlands
Hungary TCH, US
Snapshot Jan 2017
Sweden -Bankgirot
Poland –Elixir Express
Honk Kong
ISO 20022 Adoption – Real Time Payments initiativesFrom discussion to implementation (some examples)
SEPA – SCT Inst
Finland
France and Belgium
TIPS - ECB
Spain
Payments Canada
59
Over100 members
(corporates and banks)defining
common global implementation
guidelines
ZA
RU
CN
AU
CA
HK
BE
AT
DE
FI
FR
IE
JP
KRLU
MX
NL
DK
SEPA
PT
IT
SG
SK
SE
CH
UK
US
ES
SWIFT for
Corporates –Cash
management
Based on CGI guidelines
Snapshot Jun 2016
ISO 20022 adoption in the corporate-to-bank space (some examples)
BM
BR
CO
HU
KW
LB
LI
MY
MQ
MU
MC
NZ
NO
OM
PA
PH
QASA
AE
60
DTCC, USJASDEC, JP[Post-trade]
Galgo, BR
T2S, EU
CSD, LI
60
EVK, EE
CSD, LT
ASX[Corp.Act]
CLS
Treasury MISecurities MI
SGX[Corp.Act]
JASDEC & TSE, JP
[Corp.Act]
CN
NSD, RU
VP Sec DK
HK
Snapshot July 2016
SADC
LCH.Clearnet, UK
Euroclear, ESES
NBB-SSS, BE
IR
TR
VP Norway
Euroclear FI
VP Lux
MY
OeKB, AU
KDPW CCP, PL
BN
KSEI[Post-trade]
IDX[Corp.Act]
SGX[Post-trade]
ISO 20022 Adoption – Securities MI & Treasury MI (some examples)From discussion to implementation
6161
Snapshot Jul 2016* Indirect SWIFT adoption via service providers: BBHi, Calastone, Euroclear
AD
AD
AT
AU
BB
NL
BH
BI
BM
CA
CH CN
CP
CZ
DE
DK
EE
ES
FI
FR
GB
GR
HK
HU
ID
IE
ILIT
BELU
RU
KR
LC
LIMC
JE
GG
MTMX
NO
PH
PL
PT RO JP
SE
SG
SI
SK
SM
SN
ST
TW
US
ISO 20022 Adoption – SWIFT for Funds
This map shows countries where one or more players are sending/receiving ISO 20022-based Funds transactions.This includes major MI Funds hubs such as Clearstream, Euroclear, Benefit Trust Company Funds Messaging, Hong Kong (HKMA), Korea (KSD), Taiwan (TDCC)* etc.
ZA
62
BR
AU
BE
AR
CA
CL
CN
FR
GR
HK
IN
ID
IT
JP
KR
LB
MY
SO
MU
NL
NG
OM PK
PHQA
SG
SI
ZA
ES
LK
SE
CH
TW
TH
TRDE
GB
US
UAE
VN
This map shows countries where one or more banks are sending/receiving ISO 20022-based BPO/TSU transactions. Snapshot Mar 2016
PE
AT
BG
FIDK
MA
KE
GH
KW
SAJO
ISO 20022 for Trade - SWIFT BPO/TSU
6363Snapshot July 2016
SMMD &MMSR
MiFID II / MiFIR
SFTRCTCCR, RU
ISO 20022 Adoption – Non MI, Regulator initiatives
EMIR
Ms Karen WebbManager, Equity Post Trade Services
ASX Group
Digital Transaction Technologies Forum
Standards Australia Digital Transaction Technologies Forum
Karen WebbEquity Post Trade Services, ASX
29 September 2017
Cash Equity Clearing & Settlement –CHESS Replacement project
67 |
ASX core services & initiatives
Standards Australia Forum
Global leader in A$ and NZ$ markets
Core customer value proposition
Listings Trade execution Clearing and settlementInitial and ongoing access to
capitalLower cost of capital
Listings integrityBranding
Ongoing liquidityHedging and risk transfer
Market integrityEfficient and timely access
Data services
Capital efficiencyRisk reduction/nettingOperational efficiencySettlement certainty
Macro growth drivers
Demand for financial assets Savings systemCapital needs
Globalisation of marketsAutomation of OTC markets
24 hour trading
Regulatory developments Operational efficiency goals
Capital efficiency needs
ASX initiatives• World-class infrastructure• Outstanding experience• Investment supermarket
Expansion of listing franchise (NZ, tech, offshore)
ETF/ETP listingsmFund expansion
New futures platformOffshore customer acquisition
20 year bond futuresSerial options
ASX Benchmarks (BBSW)Centre Point innovationALC technical solutions
CHESS replacementOTC Clearing
Futures/OTC cross marginingClient clearingASX Collateral
68 |
The opportunity for the replacement of CHESS
Standards Australia Forum
Customers are facing profitability headwinds
> Operational and technology costs
> Disruption, revenue and margin erosion
> Regulatory capital and compliance
ASX considerations in replacing CHESS
> CHESS performs clearing and settlement for equities (the stock market)
> Highly reliable, infrastructure, replaced every 20+years
> Deeply embedded in customer’s businesses
> Proprietary messaging unique to CHESS
Distributed Ledger Technology (DLT) is emerging
> DLT technology could significantly reduce costs
> Can DLT replace CHESS, reduce risks and costs, and enable innovation?
69 |
Attractive attributes for the adoption of DLT
Standards Australia Forum
Australia has first-mover advantages
Well-regulated and sophisticated capital markets
Relatively un-fragmented market – 2 major exchanges, 1 CCP, 1 CSD
Fully dematerialised equity market – no share certificates, digital ownership
CHESS already has ‘name on register functionality’ – identifies investor and their holdings
70 |
Streams of work
Business Requirements
Stakeholder Engagement
ISO 20022 Messaging
Technology (DLT) Investigation
reusable, technology
agnostic, no-regrets work
Technology decision 2017
Standards Australia Forum
71 |
Business requirements
Standards Australia Forum
Current categories for development and testing:
> Actor (Users)
> Asset (Securities)
> Trade Registration
> Netting
> Settlement Preparation
> Settlement
> Corporate Actions
> Clearing
> Holding Management
> Default Management
> mFund
> Billing
> Reference Data
> Administration
> Technical Requirements
> Non Functional Requirements
72 |
The ISO 20022 adoption process
Standards Australia Forum
Aug 2016
Dec 2016
High level gap analysis
CHESS vs. ISO 20022
Mar 2018
ISO 20022 Technical Committee
Register new messages,
finalise usage guidelinesJun
2018
Prepare, submit change
requests to ISO GO
LIVE
Refine scope, requirements;
detailed mapping;develop usage guidelines
Industry training, testing, implementation
533 CHESS messages
13 functional areas
~120 unique ISO 20022 messages
12 business areas
ASX
Stakeholder Engagement
usage guidelines (scenarios)
73 |
Current status and the work ahead
Standards Australia Forum
Mid 2016DLT prototype successfully completed within 6 months with Digital Asset (DA)• Confirmed the capabilities
of DLT to perform clearing and settlement functions
• Did not raise any technological or immediate regulatory red flags
2016-2017ASX working with DA to build enterprise-grade software• Produced on a timely,
predictable, quality and repeatable basis
• Meet security, performance, scalability and persistence requirements
• Assess base level equity post trade functional features and requirements
Stakeholder engagement including consultation on business requirements
Business requirements definition
ISO 20022 mapping
End 2017• Technology decision to be
made at the end of 2017, including security assessment
2018 +• Q1 2018 – Consultation on
scope for CHESS Replacement
• Confirm scope and implementation plan
• More work will be required prior to implementation
• Bulk of ISO 20022 detailed message mapping complete by mid 2018
Continue:
Stakeholder engagementBusiness requirements definition
ISO 20022 mapping & finalisation
Thank you.
Ms Katrina StuartExecutive Manager, Engagement
New Paym
Digital Transaction Technologies Forum
Katrina Stuart Executive Manager, Engagement, New Payments Platform Australia
New Payments PlatformStandards Australia - Digital Transaction Technologies
29 September 2017
World-class payments infrastructure to make fast, versatile and data-rich payments
Page 77© NPP Australia Limited
What is the New Payments Platform?
New infrastructure separate from products
Open access platform
Data rich payments
Confirmation of payee before payment
Real-time central bank settlement
PayID Addressing Service
“Request to Pay” functionality
Key Attributes of the New Payments Platform:
Benefits of the New Payments Platform
Page 78© NPP Australia Limited
• Faster funds availability• 24/7/365 real-time gross settlement with no “cut-off” times• Account to account payment
• Customers can use simple, easy to remember addresses to direct payments using the PayID Addressing Service
• More information with a payment• Information can be embedded into payment messages or links to
externally hosted documents
• Myriad different events or triggers• Can be 1:many or many:1
Speed & Availability
SmartAddressing
Richer Payment
Information
Workflow Optionality
More than Real-time Payments – Data capability
Page 79© NPP Australia Limited
• Universal industry message scheme:− XML based− Payment message standards
• Information rich capability• Incorporation into business
processes• Structured or unstructured• Link to a document or url link
• Funds settled in real-time
Message foundation: ISO 20022 Schema
Value
Information• Enables ease of back
office integration and operational efficiency
• Promotes automation and straight through processing for business transactions
How does the NPP work?
Page 80© NPP Australia Limited
The NPP uses ISO 20022, the global standard for electronic data interchange between financial institutions.
Connection to the NPP is via Payment Gateways (PAGs).
The NPP PAGs are configured to support processing and routing of transactions between the PAGs and the RBA’s Fast Settlement Service.
Overlay Services can sit on top of the Basic Infrastructure to offer different customer value propositions and experiences
Bank Channels
Payment Gateway
Payer
Addressing Service
NPP Participants (Financial Institutions)
Fast Settlement Service
Reserve Bank Information and Transfer Service (RITS)
Reserve Bank of Australia
Clearing Request and Notification
Settlement Notification
Payment Gateway
Bank Channels
NPP Participants (Financial Institutions)
Payee
Settlement Notification
Settlement Request
Payment Gateway
Overlay Services
What is PayID?
Page 81© NPP Australia Limited
• A core, customer facing component of the NPP which is both -
− an access controlled, secure repository of encrypted customer account information
− an addressing service which enables Payer Participants to create clearing messages at Payer’s request using Payee’s easy to remember account proxy
• Four alias types will be available initially – phone, email, ABN/business numbers and organisation identifier
• Customers will register PayIDs in the Addressing Service via their financial institutions (privacy consents will be in place)
• Registering financial institution responsible for effective, correct, authenticated registration
• A PayID can be moved easily between accounts and between financial institutions
• Payments can be initiated to a PayID or to account details (BSB/account number)• If a payment is PayID initiated, the Payer will be able to check the PayID Name
linked to the PayID and the account before authorising the payment
Options for accessing the NPP
Page 82© NPP Australia Limited
NPP Participants
Connected Institutions
Identified Institutions
Customers
Overlay ServiceProviders
Potential Use Cases for the New Payments Platform
Page 83© NPP Australia Limited
• Micro-businesses
• SMEs for delivery of products/ services
• E-commerce
P2P P2B
• Real time payments using smart addressing
• Instant payment to cover insured damages
• Superannuation contributions
• Single touch payroll
B2P
P2G
• Payment of taxes and fines
G2P
• Emergency disaster payments
• Welfare benefits
B2B
• Transport with delivery of goods versus payment
• E-invoicing
Overlay Services
Page 84© NPP Australia Limited
• Can cover a broad range of use cases
• Can range from simple (e.g. rules based) to complex (e.g. new message orchestration)
Customer P2P applications
through to
Business, Corporate & Government
Cross-industry or “horizontal”
overlays
e.g. e-invoicing and remittances
Industry vertical overlays
e.g. Securities, Insurance and
Superannuation
Utility overlays
Delivering a specific capability, e.g. KYC
and fraud
First Overlay – Osko
Page 85© NPP Australia Limited
Quicker moving money Flexible addressing More information
Confidence in Delivery Through your Financial Institution Make a request to be paid
Thank you
©2017 NPP Australia Limited (ABN 68 601 428 737)Disclaimer: This presentation is for general information purposes only. Neither this presentation, nor any information contained in it, shall form the basis of any contract between NPP Australia Limited and any person, nor constitute a commitment by NPP Australia Limited to any person.© NPP Australia Limited
For more information please contact the NPPA team on [email protected]
Closing Panel Remarks
Dr Bronwyn EvansChief Executive Officer, Standards Australia
Digital Transaction Technologies Forum
Closing Remarks and Next Steps
Rick MacourtStakeholder Engagement Manager, Standards Australia
Digital Transaction Technologies Forum
Thank you Please join us for lunch
Digital Transaction Technologies Forum