190 likes | 210 Views
BKM Interbank Card Center. Owner and Operator. Bankalararası Kart Merkezi A.Ş. Established in 1990 as a private joint stock company by 13 banks Currently has 28 members Responsible for: Develop procedures for implementing the credit and debit card system among banks
E N D
Owner and Operator • Bankalararası Kart Merkezi A.Ş. • Established in 1990 as a private joint stock company by 13 banks • Currently has 28 members • Responsible for: • Develop procedures for implementing the credit and debit card system among banks • Carry out interbank authorization and clearing transactions
Organization • Operations and Technology Committee • Security Committee • Arbitration Committee • Market Development Committee • Chip Committee
BKM Services • Message Routing/Switch System • Domestic Clearing and Settlement • Net settlement of debts and credits among members • Through the BKM account with the Central Bank TIC-RTGS • Reporting • Market shares, card and POS numbers, installment transactions, number and amount of transctions, counterfeiting and fraud reports
BKM Hizmetleri • Mesaj Yönlendirme • Yurtiçi Takas ve Hesaplaşma (YTH) • BKM üyesi bankalar arasında kredi kartı işlemlerinden doğan borç ve alacakların tasfiyesi • YTH modülü ve Takas Merkezi aracılığıyla TCMB nezdindeki BKM hesabından net olarak yapılır. • Raporlama • BKM, aylık ve 3 aylık dönemler itibariyle üyelerinden Kartlı Ödeme Sistemi'ne yönelik istatistiki bilgi toplar ve bu bilgileri BKM on-line aracılığıyla üyelere gönderir: • Aylık; pazar payları, kart ve POS sayıları ile taksitli işlem adet ve tutarları, Takas ve Switch Ciroları, • 3 Aylık; konsolide istatistik, yönetici özeti, bilgi paylaşımı ve pazar payı raporları
Message Routing/Switch(Mesaj Yönlendirme) • Provides debit and credit card authorization services to BKM members • Services: • Credit-Card online Authorization • Credit-Card Stand-in Authorization • Credit Card POS Sharing • Debit Card ATM Sharing • Visa and Master Card Routing • Operational since 1993
BKM Switch System Financial Messages: Request and Response BKM ISSUER SWITCH SYSTEM YAPI KREDİ POS ACQUIRER GARANTİ
Financial Messages: Request and Approval • YKB credit card is used in Garanti’s POS: • Request message is first sent to Garanti Bank IT center. • Garanti looks at the card’s bank info and than forwards it to BKM. • BKM sends the request message to YKB. • YKB sends approval message to BKM. • BKM sends approval message to Garanti Bank IT center. • Garanti Bank IT center sends approval message to POS.
Stand-in Authorization • If the issuer member of BKM is out-of-service or does not respond within the issuer timeout period of 15 seconds, the BKM Switch Stand-in Authorization Module automatically starts and responds on behalf of the issuer. • When the issuer becomes ready for service, the feedbacks are provided in relation to the approved transactions
BKM Communication Financial Messages: Request and Approval BKM ISSUER SWITCH SYSTEM YAPI KREDİ BKM Proprietary Network Via Lease lines POS Dial-up Link ACQUIRER GARANTİ
Request Message Contents • [Card Number] [Exp. Date] [Service Code] [CVV1] • Card Number: 16 digit unique number. • Expiry Date: Validation through date of card • Service Code: Three digit number that explains the properties of the card • First Digit: Magnetic or smart, domestic or international • Second Digit: Authorization type • Verification type of the card (with or without PIN) • CVV1: Three digit number generated by a function
Generation of CVV1 Card Number Exp.Date Service Code CVV Key Function CVV1
Request Message Contents • Date and Time • 27/12/2005 13:03:04 • Amount • YTL 50,70 • POS Entry Mode • Mail Order, Internet, Magnetic, Smart Card, ATM • Merchant Address • Bogazici Bookstore, Etiler/IST/TR • Chip Field
Member’s Network Structure • POS Servers collect and record daily transactions information sent by POSes at the merchants. • Debit/Credit Card Servers that keep debit and credit card holders’ information. • ATM Servers keep transaction information made by ATMs.
Security of Debit Cards • Is there a difference between credit card and debit card authorization in terms of risk?
Request Message for Debit Cards • [Card Number] [Exp. Date] [Service Code] [CVV1] • Encrypted PIN • Date and Time • Amount • POS Entry Mode • Merchant Address • Chip Field
Message Types • Financial Messages • Request :includes transaction details,credit card info, date and time and merchant info. • Response :sent by issuing bank in order to approve or reject the transaction. • Reversal Request : used when a correction or cancellation is made on transaction • Reversal Response :sent by the issuing bank in order to approve or reject the correction/cancellation.
Message Types • Financial Messages (cont’d) • [Stand in]Advice Request :Issuing Bank sends authorization details when the connection is closed between bank and BKM. BKM makes approvals on transactions instead of the bank according to information inside this message. • [Stand in] Advice Response :sent by BKM to bank to approve/reject authotrization request. • [Stand in] Reversal Advice Request :sent by bank to BKM to cancel authorization. • [Stand in] Reversal Advice Response :sent by BKM to bank to approve/cancel the cancellation request.
Message Types • Network Messages • Si gn_off :sent by bank BKM in order to close connection between bank and BKM. • Sign_on :sent by bank to BKM in order to open connection between bank and BKM. • File Update Messages • Lost and Stolen :sent by bank to BKM in order to report stolen cards that are removed from the system.