How Digital First will revolutionise the customer EMV card issuance journey

[ This article was originally published here ]

While you may never have stopped to consider it, the nature of EMV banking cards has had a fundamental impact on the way we make payments over the past decades.

From providing your signature after every payment to chip and pin, to mobile wallet and contactless transactions, the way we purchase goods and services is always developing to give customers an easier, more convenient shopping experience. And customers want this! Indeed, according to recent data, 67% of users stated they would use a solution that automatically updates card details for online services and wallets when a card expires or is replaced, if it was available.

Yet despite the progress made in this sector, there still remains a huge difference between the issuance journey of a physical card compared to a digital one.

So, why does it take days between making a request for a physical EMV card and the actual first payment but only seconds for the same process with a digital card on your favourite wallet app? Surprisingly, the answer is not as a direct result of the post mailing considerations for the physical card but instead stems from the fact that the digital card experience was, until recently, only ever considered to be a subsequent step of the physical card experience. As such, there are now three different customer journeys when it comes to EMV issuance, each varying in time length.

The first journey: The physical Card issuance leveraging the secure chip

The first journey is driven by the EMV secure chip configuration by a bank, which they can start to issue as soon as they receive BIN sponsorship with one or several payment schemes.

To create the EMV card, the bank begins by preparing a complete chip profile with a user’s credentials, cryptographic keys and payment application(s). Once this has been achieved, the bank then sends this profile to a personalisation bureau who can manage the creation of the secure EMV chip.

This process takes time despite the EMV issuers’ industry being able to speed up this process by implementing a virtual instant issuance path. Here, pre-personalisation steps are completed for an anonymous cardholder and then these credentials are assigned at the last second at the point of issuance to the cardholder.

For most of the physical cards that follow this process, the feeling of “days to get the card” comes mainly from fulfillment issues. For example, even when the card mailer reaches the intended cardholder, they still need to activate the card by typing in the PIN given. This ensures the card recipient is the genuine cardholder.

The second journey: The instant proxy generation from a funding PAN with EMV Tokenization

While traditionally “days” was an acceptable experience for card issuance, the rise of the digital world has fundamentally altered customer expectations, to the point where we now expect this process to take seconds. This is where EMV tokenization comes in.

With EMV tokenization, your credit card number is replaced instantly with a proxy card number – protecting the genuine card data from fraudsters. Likewise, the EMV Token goes through the same EMV payment processing steps, but the funding card data is protected.

As a result of this second journey, since 2014 mobile users have been able to activate OEM (Original Equipment Manufacturer) Pay or any other Mobile Wallets in a matter of seconds. Nonetheless, the initial assumption was that they used an existing “funding card” to create their digital card.

The third journey: Digital First, direct, without pre-requisite card issuance

Finally, a revolution called ‘Digital First’ is in the making. With your card number, expiry date, and CVV able to be generated instantaneously, customers can start making purchases immediately. So, the new question is: is it safe enough to give this data to the customer right away to create a virtual card before the physical one arrives?

With Digital First, the answer to this is yes as long as one key condition is met. You can access your virtual card right away in your mobile banking app if your bank has done its due diligence in authenticating you properly.

The good news is, with all the hard work performed for PSD2 compliance, and using multi-factor authentication, biometrics, and dynamic linking, banks have every opportunity to put strong authentication practices in place. If customer identification can be guaranteed, this new card issuance service will transform drastically the cardholder’s experience. Not only will it lead to more transactions for the issuer and the scheme, but it will also increase satisfaction for the cardholders.

With Digital First as your customer journey, the customer gets the best issuance experience possible by combining all three processes. Firstly, they get immediate access to a virtual card to use for e-commerce transactions, secondly, they receive a digital card in their mobile wallet for at-store payments instantly, and thirdly while this is occurring their physical card is being prepared , ready for posting.

We are ideally positioned to help banks enter into this Digital First era. From our range of tokenization solutions, and our various strong customer authentication tools, to our ability to manage the process flow for physical or digital card issuance at the highest possible standard of security, we can help take your banking to the next level.

Learn more about what services we provide here or tweet us @ThalesDigiSec with any questions.