TRENDS & COMPLIANCE

18th National P-Cards on Campus

San Antonio, TX

EMV Market Updates

“Europay MasterCard Visa”

3

What is EMV?

EMV: Named after its original

developers (Europay,

MasterCard® and Visa®), EMV

is a global standard for chip

cards featuring embedded

microprocessor chips that store

and protect cardholder data.

3

4

When is EMV Coming to the U.S.?

Fraud Liabi l i ty Shif t for Non-Gasol ineRetai lers

OCT

Fraud Liabi l i tyShif t for Gasol ine Retai lers

OCT

2015 2017

4

5

Worldwide EMV Deployment and Adoption

Figures reported in Q4 2013 and represent the latest statistics from American Express, Discover, JCB, MasterCard, UnionPay and Visa, as reported bytheir member institutions globally.

Source: Estimates stated from The Smart Card Alliance/EMV Migration Forum, May 2014

Region EMVCards

Adoption Rate

EMVTerminals

Adoption Rate

Western Europe 794M 81.6% 12.2M 99.9%

Canada, Latin America and the Caribbean

471M 54.2% 7.1M 84.7%

Africa and Middle East 77M 38.9% 699K 86.3%

Eastern Europe 84M 24.4% 1.4M 91.2%

Asia Pacific 942M 17.4% 15.6M 71.7%

Region EMVCards

Adoption Rate

EMVTerminals

Adoption Rate

United States [estimates] ~17-20M ~1-2% ~2M ~20%

5

6

Why Chip and Why Now?

Security and Fraud

GlobalInteroperability

Mobile Payments

6

7

How EMV Works

EMV utilizes a decision based process• Two Factor Authentication.

Two factor Authentication requires the use of two of three authentication factors:• Something you know (i.e. PIN)• Something you have (i.e. Credit Card)• Something you are (i.e. Fingerprint)

In the U.S., there are 2 primary ways to authenticate an EMV card: • Signature Verification (“Chip and Sign”)• PIN verification (“Chip and PIN”)

The decision process for the transaction itself is similar to today• Authorize or decline based on Risk Factors.

8

Terminal device will detectchip card vs. magnetic

stripe

Stolen data cannot be reusable in a chip

transaction

Dynamic data generated by the

chip for every transaction

How Does Chip Technology Increase Security?

Secure storage of data

Embedded microprocessor –

strong security

8

9

BHEREISYOURCARDNUMBER^HEREIS/YOURNAME^EXPIREDATESERVICECODECVVBHEREISYOURCARDNUMBER^HEREIS/YOURNAME^EXPIREDATESERVICECODECVVBHEREISYOURCARDNUMBER^HEREIS/YOURNAME^EXPIREDATESERVICECODECVVBHEREISYOURCARDNUMBER^HEREIS/YOURNAME^EXPIREDATESERVICECODECVVBHEREISYOURCARDNUMBER^HEREIS/YOURNAME^EXPIREDATESERVICECODECVVBHEREISYOURCARDNUMBER^HEREIS/YOURNAME^EXPIREDATESERVICECODECVVBHEREISYOURCARDNUMBER^HEREIS/YOURNAME^EXPIREDATESERVICECODECVVBHEREISYOURCARDNUMBER^HEREIS/YOURNAME^EXPIREDATESERVICECODECVVBHEREISYOURCARDNUMBER^HEREIS/YOURNAME^EXPIREDATESERVICECODECVV

Easy to read.Easy to replicate.

Magnetic Stripe Data

9

10

Chip Data

1

11

EMV – What it is… and What it isn’t

EMVwill:

Prevent counterfeit fraud at the point of sale

EMVwill not:

Protect against card-not-present fraud

Protect against counterfeiting cards

Prevent data breaches

Create a different point-of-sale experience (“dip” vs “swipe”)

Always require a PIN

Store cardholder data on a chip

Be vulnerable to wireless interception of data

Require a new card Eliminate the need for magnetic stripe

See growing adoption in theU.S. in the next 12-18 months

Be universally adopted in theU.S. for 3-4 years

1

12

Cardholder Communications

1

13

Card Stays in the Terminal

Cardholder Experience

Non EMV TerminalTransaction processing

per existing processtakes place

Cardholder swipes card at the

POS terminal

Cardholder provides signature verification

EMV Enabled TerminalTransactionCardholder

inserts cardin the POS

terminal

Cardholder inserts(“dips”) card; OR swipes

card, and is then prompted to insert card

Cardholderprovidessignatureverification

complete; cardholder

removes cardfrom terminal

1

14

EMV Benefits

Advanced security benefits all parties involved in processing payments

Consumers • Peace of mind. • Improved global acceptance.

Merchants• Fewer fraud‐related chargebacks due to stolen cards and skimming. • Increased customer satisfaction with their international patrons• Ready for the future of mobile wallets and other innovations.

Card issuers and payment processors• Reduction in counterfeit card fraud. • Leverage future innovations in mobile commerce.

15

U.S. Timeline for EMV - “carrots” and “sticks”

Visa, MasterCard, American Express and Discover have released EMV strategies and are all aligned on timelines and requirements: April 2013: Acquirer Chip Processing Mandate

Acquirers and processors must support the ability to process EMV transactions and NFC contactless payments.

October 2015: Liability Shift from Issuer to Merchant Merchants will be liable for domestic and cross‐border counterfeit fraud

committed at the point of sale if they are not using a compliant EMV & NFC POS solution A non‐compliant merchant is liable for fraud that occurs on any chip card

used on a magnetic swipe terminal. A non‐compliant issuer is liable for fraud that occurs on any magnetic

stripe card used on a chip card‐enabled terminal.

Corporate and Individual Liability

Corporate Liability Platforms

17

Market Information today

Historical shift towards Corporate Liability programs

Individual Liability was the predominant platform for original card programs

There are some hybrid platforms in place today, both Corporate and Individual Liability

18

Benefits of Corporate Liability

No individual credit reviews or individual credit scoring Card end usage parameters

built into control functions of program Compliance to Local laws

and/or Union Contracts Reduced privacy concerns as

you are not sharing personal employee data with card issuer Program consistency and

conformity to policies

Preserve rebate due to high write-offs Ease Accounting and

expense processes (split payment process to employee and card) Ensure accountability by

employee for only business use Consolidate to a singe "card"

program (One Card) Reduce & streamline the

number of cards carried

Enhancements in your data from a singular travel source

Virtual Travel Solutions

20

Travel VirtualPay Solutions

Designed to help improve the travel booking and reconciliation process

Offers a secure and convenient automated payment solution that replaces traditional central billing methods

• CTS/Ghost accounts• Hotel direct bill• Travel agency invoice

20

21

Common Challenges in Central Bill Programs

Manual intervention Fraud exposure Data storage and costs Inconsistent reporting

• Eliminates manual data processing

• Ensures adherence to travel policies

• Centralizes payments, capturing more transactions that fall outside card program

• Automates 100% matching

• Integrates seamlessly into back office systems

• Issues accounts for authorized travel only

• Controls account parameters

Streamline process and

increase control

Reconcile booking and

paymentImprove security

Reduces cost

Improve security

Reduces cost

Reconcile booking and payment

Improve security Reduce cost

21

22

Best Industry Practices Recommend

Corporate Card

Program

Managed Travel

Automated Expense Reporting

Taking Card platforms to Mobile Technology

Mobile Applications

24

The Way to Pay is Changing

Apple Announces Apple Pay in September 2014

Approximately 29 percent of all online retail sales in the United States will be transacted on smartphones and tablets by the end of 2014*

Forrester also expects US Mobile payments to reach $90BB in 2017**

*"US Mobile Phone And Tablet Commerce Forecast, May 2014.

**US Mobile Payments Forecast, January 2013.

25

Mobile Functionality

Mobile applications are working to ensure account information is accessible anywhere via mobile/tablet channels. With this technology employees can quickly manage and stay on top of their business expenses. Generally, the market is seeing growth in applications that provide:

Access to account information anywhere your coverage is available Work/manage and submit of business expenses Variety of mobile applications supporting

• Travel booking and day of travel needs• Expense reporting• Card Management• Receipt Management

26

Questions?

Thank you.

27

Questions

Danene Miller – U.S. Bank Corporate Payment Systems• Danene.miller@usbank.com• (308)289- 6540

Pam Miller – U.S. Bank Corporate Payment Systems• Pamela.miller@usbank.com• (503)632-8109

www.usbpayment.com

OMB CircularUniform Guidance

Uniform Grant Guidance

http://www.whitehouse.gov/omb/grants_docs

Late 2013, Federal government passed legislation entitled “Uniform Administrative Requirements, Cost Principles and Audit Requirements for Federal Awards”

Replaces all governing circulars including: A-21, A-110 and A-133

Biggest change in Federal regulations in 50 years

Overview

Two-year government effort to reform and deliver on the President’s directives to:

1. streamline guidance for Federal awards to ease administrative burden

2. strengthen oversight over Federal funds to reduce risks of waste, fraud and abuse

Ensure best use of over $500 billing expended annually

Impact on Researchers

Costing (direct and indirect)

Financial reporting

Sub-recipient monitoring

Effort Reporting

Fringe Benefits

Procurement

Procurement (§200.317-323)

One-year grace period beginning with the first full fiscal year that starts after the effective date of December 26, 2014

i.e. July 1, 2015, therefore implementation by July 1, 2016.

How will this impact your program?

Council on Financial Assistance Reform (COFAR) (§200.320) https://cfo.gov.coraf/#COFAR2CFR200

https://cfo.gov/wp-content/uploads/2014/11/2014-11-26-Frequently-Asked-Questions.pdf

Does the Uniform Guidance require non-Federal entities to limit charge card purchases to a particular threshold amount?

COFAR

https://cfo.gov/wp-content/uploads/2014/11/2014-11-26-Frequently-Asked-Questions.pdf

No. The Uniform Guidance provides requirements for the internal control framework that surround any purchase, but does not provide any guidance around whether the non-Federal entity uses cash, charge cards, checks, or any other payment medium for the transaction.

P-Card Program Changes

Do you need to change your single transaction limits?

Identify grant spend on your program

Identify how many transactions are above micro-purchase limit of $3,000 (aggregate)

Identify contract spend transactions

Discussion

Thank you

Florianne Irwin, Assistant Director, ProcurementUniversity of Vermont(802) 656-0885