The Nilson Report

THE CURRENT ISSUE: Issue 1052 | Nov 2014

FEATURED COMPANIES

Companies featured in The Current Issue include:

Headlines from The Current Issue

Cards Projected Worldwide

Top Card Issuers in Latin America - 2013

American Express Token Service

Installment Payments for Web Purchases

U.S. General Purpose Cards Through 3Q 2014

SIA’s P2P Money Transfer Service

Brazil’s APPI Payment Platform

Digital River Acquired by Siris Capital

Poynt’s Tablet POS Terminal

SafetyNet from MasterCard

Charts in this Issue

Payment Cards Projected Worldwide

U.S. General Purpose Cards YTD 3Q 2014 vs. YTD 3Q 2013

Largest Payment Card Issuers by Product 2013

Largest Debit Card Issuers in Latin America 2013

Largest Credit Card Issuers in Latin America 2013

Top General Purpose/Visa/MasterCard Card Issuers in Latin America 2013

U.S. General Purpose Cards YTD 3Q 2014 vs. YTD 3Q 2013

U.S. purchase volume - spending for goods and services - totaled $1.932 trillion for the first nine months of calendar year 2014. Figures are shown for Visa, MasterCard, Amex, and Discover.

1. Visa Credit: $885.61 billion
+11.9%
2. American Express Credit: $502.71 billion
+8.1%
3. MasterCard Credit: $447.70 billion
+8.6%
4. Discover Credit: $95.87 billion
+3.3%

Full access to the U.S. General Purpose Cards YTD 3Q 2014 vs. YTD 3Q 2013 results is available when you subscribe to The Nilson Report.

POSTED NOV 19, 2014 | PRINT

AMERICAN EXPRESS TOKEN SERVICE

Card issuers, processors, acquirers, and merchants in the U.S. can use the American Express Token Service to replace a payment card’s primary account number (PAN) with a randomly generated token, which acts as an alternative or pseudo PAN. U.S. issuers including Amex itself are expected to be the first customers of the American Express Token Service, initially for in-app and NFC-based Apple Pay that launched last month. Tokens for Apple Pay are stored in a dedicated chip called a Secure Element (SE) on the iPhone 6 and iPhone 6 Plus. American Express delivers them to Apple through a secure network connection. Apple then sends them over the air to the SE. Individual devices are provisioned with one token, which is used for all point-of-sale and in-app purchases. A consumer would receive a different token for the same payment card if they want to use it in a second device.

American Express has also announced global availability of network specifications to support Host Card Emulation (HCE)-based mobile payments from Android handsets with NFC capabilities. For HCE-based payments, issuers download an applet to the handset’s memory to connect the NFC controller to the POS terminal. For every payment at the point of sale, the applet emulates a card by requesting a PAN from a remote server managed by the issuer. 

The applet could request a token instead of a PAN. In that case, American Express delivers the token to the issuer through a secure network connection. Issuers then send the token to the handset over the air. In HCE, different tokens are likely to be used for each transaction.

Tokens reduce a merchant’s potential liability from damages linked to cyberattacks on POS systems or data centers, as well as losses from fraud for card-present and card-not-present sales. Tokens thwart thieves who steal them and encode a counterfeit magnetic-stripe card for purchases at the point of sale or input them at online checkout pages because authorization requests will be declined. Their security value also includes the fact that they can be limited to a specific merchant or a specific transaction type, or as is the case with Apple Pay, tied to a specific iPhone 6. Any other attempted use would trigger an authorization decline. 

American Express Token Service is based on the EMVCo-based Payment Tokenization Specification and Technical Framework. It includes a vault where tokens are mapped to primary account numbers and then stored. Lifecycle management services are also available to suspend, resume, or delete tokens after they have been created. In addition, Amex also offers token authorization and payment data validation capabilities for card-issuing financial institutions. 

Mike Matan is General Manager, Global Network Business at American Express in New York, (212) 640-0681, mike.b.matan@aexp.com, www.americanexpress.com.

Copyright 2014 © The Nilson Report