Digital Transaction Technologies Forum Presentations...Digital Transaction Technologies Forum....

Digital Transaction Technologies Forum

Friday 29 September 2017

Welcome


Dr Bronwyn EvansChief Executive Officer

Standards Australia



Technological change

Customer demand for

real-time access to data

High degree of data turnover & redundancy


Financial services have become

Australia’s largest and fastest-

growing industry, worth around $140 billion

Opportunities & challenges spring

from market disruption

Global tech companies are

emerging as the most significant

disrupters


Fintech

Blockchain

New Payments Platform

Standards

Emerging technology

Mr Andy WhiteChief Operating Officer

Australian Payments Network


Presentation to Digital Transaction Technologies Forum

Andy White29 September 2017

How Australia Pays

9

How Australia Pays

10

How Australia Pays

11

Source: RBA

How Australia Pays

12

Source: RBA

Contactless Card PaymentsPer cent of number of point-of-sale paymentsAll payments

2013 20160

20

40

60

% All card payments

2013 2016 0

20

40

60

%

How Australia Pays

13

Source: RBA

Other reasonDon't like the ideaSatisfied with current methods

Yes No0

20

40

60

80

%

0

20

40

60

80

%

Would You Make Mobile Payments?Per cent of respondents

How China pays

14

How China pays

15

Volume

Traditional Banks Internet Banks

Value

Traditional Banks Internet Banks

Source: PBOC

The Merchant Perspective

16


17


18


19

The Obligatory Mention of…

• Real-time settlement of securities

• Cross-border payments

• Japanese faster payment service

• Reconciliation of nostro payments

20

Threats: Cyber and Fraud

21

The Importance and Role of Standards

22

23

THANK YOU AND QUESTIONS

Mr Paul JenningsA/g Chief Operating Officer

EFTPOS Australia


Digital transaction platformsPaul Jennings, eftpos Acting Chief Executive Officer, Sep 2017

12direct

connectors

5 ATM

connectors

21Specifications

Averaging5m

Transactions per day

Peak of 165

Transactions per second

One form factor, one channel

eftpos – embracing digital platforms

Public – Standards Australia presentation28

Images needed for• card @ POS, • CNP, • Card of file/ Secure remote commerce, • Tokenisation, • Mobile @ POS NFC/ BLE and • QR,• InApp, • InBrowser

• Add reference to Standards Australia; International Standards Association; PCI; EMVCo; ICS; domestic schemes; regulation

Mr Mario SistPrincipal Consultant

UL Transaction Security


DIGITAL TRANSACTIONS TECHNOLOGIESFORUM

UL and the UL logo are trademarks of UL LLC © 2017.Proprietary & Confidential.

29 September 2017

Mario SistPrincipal ConsultantCISA, PCI QSA, PCI QSA (P2PE), PCIP, Visa Security Assessor

[email protected]

mailto:[email protected]

TECHNOLOGY 1983 - MY FIRST JOB

TECHNOLOGY 1983 - MY FIRST JOB

From Wikipedia, the free encyclopedia

AS 2805 Electronic funds transfer - Requirements for interfaces is the Australian standard for financial messaging. It is near-exclusively used in Australia for the operation of card-based financial transactions amongbanks, automatic teller machines and EFTPOS devices.

It is closely related to ISO 8583, but pre-dates it by two years (1985 vs 1987).

3


https://en.wikipedia.org/wiki/Automatic_teller_machine

https://en.wikipedia.org/wiki/EFTPOS

https://en.wikipedia.org/wiki/ISO_8583

Part 1: CommunicationsPart 2: Message structure, format and content Part 3: PIN management and securityPart 4.1: Message authentication—Mechanisms using a block cipherPart 4.2: Message authentication—Mechanisms using a hash functionPart 5.1: Ciphers—Data encipherment algorithm 1 (DEA 1) Part5.2: Ciphers—Modes of operation for an n-bit block cipher algorithmPart 5.3: Ciphers—Data encipherment algorithm 2 (DEA 2)Part 5.4: Ciphers—Data encipherment algorithm 3 (DEA 3) andrelatedtechniquesPart 6.1: Key management—PrinciplesPart 6.2: Key management—Transaction keysPart 6.3: Key management—Session keys—Node to nodePart 6.4: Key management—Session keys—Terminal to acquirerPart 6.5.1: Key management—TCU initialization—Principles Part 6.5.2: Key management—TCU initialization—Symmetric Part 6.5.3: Key management—TCU initialization—Asymmetric

• Part 9: Privacy of communications• Part 10: File transfer integrity validation• Part 10.2: Secure file transfer (retail) Part 11: Cardparameter table• Part 12.1: Message content—Structure and format• Part 12.2: Message content—Codes• Part 12.3: Message content—Maintenance of codes Part 13.1:Secure hash functions—General• Part 13.2: Secure hash functions—MD5• Part 13.3: Secure hash functions—SHA-1• Part 14.1: Secure cryptographic devices (retail)—Concepts, requirementsand evaluation• methods• Part 14.2: Secure cryptographic devices (retail)—Security compliancechecklists for• devices used in magnetic stripe card systems• Part 15: ICC base stored value/inter-sector electronic purse

AS 2805 ELECTRONIC FUNDS TRANSFER

MORE STANDARDS

STANDARDS DRIVEN

UL and the UL logo are trademarks of UL LLC © 2017. Proprietary & Confidential.

UL and the UL logo are trademarks of UL LLC © 2017. Proprietary & Confidential.

8

PCI PTS, EMV L1AS2805

AS2805PA DSSP2PEBrand testing

EMV L2

Paymentapplication

Non-paymentapp Non-payment

app

EMV Kernel

Firmware / OS

Hardware

FUTURE PAYMENTS


PIN ON GLASS

11

BLOCKCHAIN

VOICE PAYMENT

QUESTIONS


Mario [email protected]

mailto:[email protected]

Expert PanelDigital Transaction Technologies Forum

Bill DoranHead of Oceania

SWIFT

Karen WebbManager, Equity Post

Trade Services ASX Group

Katrina StuartExecutive Manager

Engagement New Payments Platform

Australia

Mr Bill DoranHead of Oceania

SWIFT


Standards AustraliaDigital Transaction Technologies Forum

29 September 2017

Bill DoranHead of Oceania

SWIFT

The global provider of secure financial messaging services

SWIFT Today

Secure

6.5bnFIN messages

SecondsInstitution to institution message sent anywhere in the world

3 daysApproximate annual valueworld GDP through SWIFT network

ResilientAlways available

11,000Connects financial institutions,Corporates & Market Infrastructures Globally

All currenciesEg. $, €, £, ¥ etc

200+Countries & territories

3,000Connects financial institutions, corporates & market infrastructures in Asia Pacific

6.9%Annual growth (2016)

CentsCost per message

Integration & Interfaces

SharedServices

Messaging

Our offering to the community

Standards

SWIFTNet usage in the Australian Financial System

51

AU Financial Institutions

(banking and securities)

Overseas Institutions or MI’s

Corporate Customers

LvP / Direct Entry(RBA Interconnector)

RTGS (RITS)ASX

Austraclear ASX CHESS

NPP (2017/18)

Payments

SecuritiesTreasury

Trade

Business lines

Managed Funds

CLSISO20022

ISO20022

52

Why ISO 20022?

Proprietary MT ISO 7775 ISO 15022 ISO 20022

Payments Treasury & Trade

1973Securities only

1984Securities only

1999 20042000

• Paper-based• Proprietary syntax• Point-to-point• One size fits all• SWIFT only

• Reference standard• Electronic• Open, neutral syntax• End-to-end transaction• Market practice• SWIFT + other organisations

FIN MT: Computer-processable

versions of telexes

53

What is ISO 20022?

single standardisation approach (methodology, process, repository) to be used by all financial standards initiatives

• Defines business meaning of financial concepts, e.g., ‘Credit Transfer’

Business / Conceptual

• Defines e.g. credit transfer messages, to execute the business process

Logical

• Defines physical syntax, e.g. XML

Physical

• Business models

• Data dictionary

• Catalogue of messages

Recipe to create financial standards Body of content

www.iso20022.org

All institutions have their own sets of data objects

…and groups them into ‘syntax-neutral’ message models, which...

ASN.1 FpML

… can be ‘transformed’ in message formats in the desired syntax

JSON

XML

ISO standardizes common data objects…

Using ISO 20022modelling to reach interoperability

Standards and ISO 20022 55

When and why is ISO20022 being adopted?

When?• System renewal: e.g. Target2,

SIX/CH, Fed and TCH, CHAPS, BoJNet, ASX,…

• New systems: e.g. real time payment systems such as FAST (SG) or NPP (AU)

• Corporate demand: corporate clients pushing banks to adopt

• Automation of manual processes: e.g. Funds in Australia

Why?• Richer data: regulation/compliance,

higher STP, better customer propositions

• Vendor support: more competition drive down cost, lower barriers to entry

• Lower costs for global players: one standard for transacting in multiple markets, re-use of global network infrastructure (SWIFT)

• Easier integration: XML syntax, off the shelf tools, global familiarity, injectable schemas

56

Standards are created globally and used locally: market practice and variants

ISO 20022 messages

Global market practice

Local market practice

Bank-specific practice

‘PACS’-pacs.008.001.04FI to FI Customer Credit Transfer

HVP-guidelines

Specific RTGS guidelines

Bank’s RTGS implementationwith customers/bank’sinternal specification

57

IPFA

SEPA,EU

BR

DK

US – retail division of FRB

CPA, CA

IPFA

Zengin, JP

IN

BOJNet, JP

SG

CO

PE PG

CL

UK

SADC

ZA

BN

Fed & TCH, US

Snapshot Dec 2016

FI

SAEC

BY

CIPS, CN

CNAPS2, CN

BDMY

JO

TH

XKCH

VNKH

ASEAN

ISO 20022 Adoption – Payments MI & initiatives (some examples)From discussion to implementation

T2, EU

58

EBA Instant Payment

Denmark -Nets

AU- NPP

SG -FAST

Netherlands

Hungary TCH, US

Snapshot Jan 2017

Sweden -Bankgirot

Poland –Elixir Express

Honk Kong

ISO 20022 Adoption – Real Time Payments initiativesFrom discussion to implementation (some examples)

SEPA – SCT Inst

Finland

France and Belgium

TIPS - ECB

Spain

Payments Canada

59

Over100 members

(corporates and banks)defining

common global implementation

guidelines

ZA

RU

CN

AU

CA

HK

BE

AT

DE

FI

FR

IE

JP

KRLU

MX

NL

DK

SEPA

PT

IT

SG

SK

SE

CH

UK

US

ES

SWIFT for

Corporates –Cash

management

Based on CGI guidelines

Snapshot Jun 2016

ISO 20022 adoption in the corporate-to-bank space (some examples)

BM

BR

CO

HU

KW

LB

LI

MY

MQ

MU

MC

NZ

NO

OM

PA

PH

QASA

AE

60

DTCC, USJASDEC, JP[Post-trade]

Galgo, BR

T2S, EU

CSD, LI

60

EVK, EE

CSD, LT

ASX[Corp.Act]

CLS

Treasury MISecurities MI

SGX[Corp.Act]

JASDEC & TSE, JP

[Corp.Act]

CN

NSD, RU

VP Sec DK

HK

Snapshot July 2016

SADC

LCH.Clearnet, UK

Euroclear, ESES

NBB-SSS, BE

IR

TR

VP Norway

Euroclear FI

VP Lux

MY

OeKB, AU

KDPW CCP, PL

BN

KSEI[Post-trade]

IDX[Corp.Act]

SGX[Post-trade]

ISO 20022 Adoption – Securities MI & Treasury MI (some examples)From discussion to implementation

6161

Snapshot Jul 2016* Indirect SWIFT adoption via service providers: BBHi, Calastone, Euroclear

AD

AD

AT

AU

BB

NL

BH

BI

BM

CA

CH CN

CP

CZ

DE

DK

EE

ES

FI

FR

GB

GR

HK

HU

ID

IE

ILIT

BELU

RU

KR

LC

LIMC

JE

GG

MTMX

NO

PH

PL

PT RO JP

SE

SG

SI

SK

SM

SN

ST

TW

US

ISO 20022 Adoption – SWIFT for Funds

This map shows countries where one or more players are sending/receiving ISO 20022-based Funds transactions.This includes major MI Funds hubs such as Clearstream, Euroclear, Benefit Trust Company Funds Messaging, Hong Kong (HKMA), Korea (KSD), Taiwan (TDCC)* etc.

ZA

62

BR

AU

BE

AR

CA

CL

CN

FR

GR

HK

IN

ID

IT

JP

KR

LB

MY

SO

MU

NL

NG

OM PK

PHQA

SG

SI

ZA

ES

LK

SE

CH

TW

TH

TRDE

GB

US

UAE

VN

This map shows countries where one or more banks are sending/receiving ISO 20022-based BPO/TSU transactions. Snapshot Mar 2016

PE

AT

BG

FIDK

MA

KE

GH

KW

SAJO

ISO 20022 for Trade - SWIFT BPO/TSU

6363Snapshot July 2016

SMMD &MMSR

MiFID II / MiFIR

SFTRCTCCR, RU

ISO 20022 Adoption – Non MI, Regulator initiatives

EMIR

Ms Karen WebbManager, Equity Post Trade Services

ASX Group


Standards Australia Digital Transaction Technologies Forum

Karen WebbEquity Post Trade Services, ASX

29 September 2017

Cash Equity Clearing & Settlement –CHESS Replacement project

67 |

ASX core services & initiatives

Standards Australia Forum

Global leader in A$ and NZ$ markets

Core customer value proposition

Listings Trade execution Clearing and settlementInitial and ongoing access to

capitalLower cost of capital

Listings integrityBranding

Ongoing liquidityHedging and risk transfer

Market integrityEfficient and timely access

Data services

Capital efficiencyRisk reduction/nettingOperational efficiencySettlement certainty

Macro growth drivers

Demand for financial assets Savings systemCapital needs

Globalisation of marketsAutomation of OTC markets

24 hour trading

Regulatory developments Operational efficiency goals

Capital efficiency needs

ASX initiatives• World-class infrastructure• Outstanding experience• Investment supermarket

Expansion of listing franchise (NZ, tech, offshore)

ETF/ETP listingsmFund expansion

New futures platformOffshore customer acquisition

20 year bond futuresSerial options

ASX Benchmarks (BBSW)Centre Point innovationALC technical solutions

CHESS replacementOTC Clearing

Futures/OTC cross marginingClient clearingASX Collateral

68 |

The opportunity for the replacement of CHESS


Customers are facing profitability headwinds

> Operational and technology costs

> Disruption, revenue and margin erosion

> Regulatory capital and compliance

ASX considerations in replacing CHESS

> CHESS performs clearing and settlement for equities (the stock market)

> Highly reliable, infrastructure, replaced every 20+years

> Deeply embedded in customer’s businesses

> Proprietary messaging unique to CHESS

Distributed Ledger Technology (DLT) is emerging

> DLT technology could significantly reduce costs

> Can DLT replace CHESS, reduce risks and costs, and enable innovation?

69 |

Attractive attributes for the adoption of DLT


Australia has first-mover advantages

Well-regulated and sophisticated capital markets

Relatively un-fragmented market – 2 major exchanges, 1 CCP, 1 CSD

Fully dematerialised equity market – no share certificates, digital ownership

CHESS already has ‘name on register functionality’ – identifies investor and their holdings

70 |

Streams of work

Business Requirements

Stakeholder Engagement

ISO 20022 Messaging

Technology (DLT) Investigation

reusable, technology

agnostic, no-regrets work

Technology decision 2017


71 |

Business requirements


Current categories for development and testing:

> Actor (Users)

> Asset (Securities)

> Trade Registration

> Netting

> Settlement Preparation

> Settlement

> Corporate Actions

> Clearing

> Holding Management

> Default Management

> mFund

> Billing

> Reference Data

> Administration

> Technical Requirements

> Non Functional Requirements

72 |

The ISO 20022 adoption process


Aug 2016

Dec 2016

High level gap analysis

CHESS vs. ISO 20022

Mar 2018

ISO 20022 Technical Committee

Register new messages,

finalise usage guidelinesJun

2018

Prepare, submit change

requests to ISO GO

LIVE

Refine scope, requirements;

detailed mapping;develop usage guidelines

Industry training, testing, implementation

533 CHESS messages

13 functional areas

~120 unique ISO 20022 messages

12 business areas

ASX

Stakeholder Engagement

usage guidelines (scenarios)

73 |

Current status and the work ahead


Mid 2016DLT prototype successfully completed within 6 months with Digital Asset (DA)• Confirmed the capabilities

of DLT to perform clearing and settlement functions

• Did not raise any technological or immediate regulatory red flags

2016-2017ASX working with DA to build enterprise-grade software• Produced on a timely,

predictable, quality and repeatable basis

• Meet security, performance, scalability and persistence requirements

• Assess base level equity post trade functional features and requirements

Stakeholder engagement including consultation on business requirements

Business requirements definition

ISO 20022 mapping

End 2017• Technology decision to be

made at the end of 2017, including security assessment

2018 +• Q1 2018 – Consultation on

scope for CHESS Replacement

• Confirm scope and implementation plan

• More work will be required prior to implementation

• Bulk of ISO 20022 detailed message mapping complete by mid 2018

Continue:

Stakeholder engagementBusiness requirements definition

ISO 20022 mapping & finalisation

Thank you.

Ms Katrina StuartExecutive Manager, Engagement

New Paym


Katrina Stuart Executive Manager, Engagement, New Payments Platform Australia

New Payments PlatformStandards Australia - Digital Transaction Technologies

29 September 2017

World-class payments infrastructure to make fast, versatile and data-rich payments

© NPP Australia Limited

What is the New Payments Platform?

New infrastructure separate from products

Open access platform

Data rich payments

Confirmation of payee before payment

Real-time central bank settlement

PayID Addressing Service

“Request to Pay” functionality

Key Attributes of the New Payments Platform:

Benefits of the New Payments Platform


• Faster funds availability• 24/7/365 real-time gross settlement with no “cut-off” times• Account to account payment

• Customers can use simple, easy to remember addresses to direct payments using the PayID Addressing Service

• More information with a payment• Information can be embedded into payment messages or links to

externally hosted documents

• Myriad different events or triggers• Can be 1:many or many:1

Speed & Availability

SmartAddressing

Richer Payment

Information

Workflow Optionality

More than Real-time Payments – Data capability


• Universal industry message scheme:− XML based− Payment message standards

• Information rich capability• Incorporation into business

processes• Structured or unstructured• Link to a document or url link

• Funds settled in real-time

Message foundation: ISO 20022 Schema

Value

Information• Enables ease of back

office integration and operational efficiency

• Promotes automation and straight through processing for business transactions

How does the NPP work?


The NPP uses ISO 20022, the global standard for electronic data interchange between financial institutions.

Connection to the NPP is via Payment Gateways (PAGs).

The NPP PAGs are configured to support processing and routing of transactions between the PAGs and the RBA’s Fast Settlement Service.

Overlay Services can sit on top of the Basic Infrastructure to offer different customer value propositions and experiences

Bank Channels

Payment Gateway

Payer

Addressing Service

NPP Participants (Financial Institutions)

Fast Settlement Service

Reserve Bank Information and Transfer Service (RITS)

Reserve Bank of Australia

Clearing Request and Notification

Settlement Notification

Payment Gateway

Bank Channels

NPP Participants (Financial Institutions)

Payee

Settlement Notification

Settlement Request

Payment Gateway

Overlay Services

What is PayID?


• A core, customer facing component of the NPP which is both -

− an access controlled, secure repository of encrypted customer account information

− an addressing service which enables Payer Participants to create clearing messages at Payer’s request using Payee’s easy to remember account proxy

• Four alias types will be available initially – phone, email, ABN/business numbers and organisation identifier

• Customers will register PayIDs in the Addressing Service via their financial institutions (privacy consents will be in place)

• Registering financial institution responsible for effective, correct, authenticated registration

• A PayID can be moved easily between accounts and between financial institutions

• Payments can be initiated to a PayID or to account details (BSB/account number)• If a payment is PayID initiated, the Payer will be able to check the PayID Name

linked to the PayID and the account before authorising the payment

Options for accessing the NPP


NPP Participants

Connected Institutions

Identified Institutions

Customers

Overlay ServiceProviders

Potential Use Cases for the New Payments Platform


• Micro-businesses

• SMEs for delivery of products/ services

• E-commerce

P2P P2B

• Real time payments using smart addressing

• Instant payment to cover insured damages

• Superannuation contributions

• Single touch payroll

B2P

P2G

• Payment of taxes and fines

G2P

• Emergency disaster payments

• Welfare benefits

B2B

• Transport with delivery of goods versus payment

• E-invoicing

Overlay Services


• Can cover a broad range of use cases

• Can range from simple (e.g. rules based) to complex (e.g. new message orchestration)

Customer P2P applications

through to

Business, Corporate & Government

Cross-industry or “horizontal”

overlays

e.g. e-invoicing and remittances

Industry vertical overlays

e.g. Securities, Insurance and

Superannuation

Utility overlays

Delivering a specific capability, e.g. KYC

and fraud

First Overlay – Osko


Quicker moving money Flexible addressing More information

Confidence in Delivery Through your Financial Institution Make a request to be paid

Thank you

©2017 NPP Australia Limited (ABN 68 601 428 737)Disclaimer: This presentation is for general information purposes only. Neither this presentation, nor any information contained in it, shall form the basis of any contract between NPP Australia Limited and any person, nor constitute a commitment by NPP Australia Limited to any person.© NPP Australia Limited

For more information please contact the NPPA team on [email protected]

Closing Panel Remarks

Dr Bronwyn EvansChief Executive Officer, Standards Australia


Closing Remarks and Next Steps

Rick MacourtStakeholder Engagement Manager, Standards Australia


Thank you Please join us for lunch


Digital Transaction Technologies Forum Presentations...Digital Transaction Technologies Forum....

Documents

Transcript of Digital Transaction Technologies Forum Presentations...Digital Transaction Technologies Forum....