NIS Packages

OVERVIEW

NIS v4.0 provides how to integrate the nexo Specifications and Protocols with a compliant nexo FAST payment application.

NIS v4.0 Package include the following nexo Specifications and Protocols:

• nexo Functional Scope
• nexo FAST v3.1 + Bulletins
• Bulletin 1 - Update on Technology Selection for handling a restart
• Bulletin 2 - Update on Card Product Selection for handling BIN ranges
• Bulletin 4 - IF Regulation Updates
• Bulletin 5 - Pre-Authorisation Service Updates
• nexo Acquirer v6.0
• nexo TMS v6.0
• nexo Retailer v3.1 (optional)
• nexo Security v2.0

 

It describes, within the framework of a nexo implementation project, the following:

	The functions of the host acquirer interface application (HAP) with detailed description of the messages and data elements when the nexo FAST application has to interact with the nexo Acquirer protocol
	An interface application for the terminal management system (TMAP) with detailed description of the messages and data elements used for configuration and maintenance purposes when the nexo FAST application has to interact with the nexo TMS protocol;
	The interaction between the sale system and the dedicated interface (SCAP) using the nexo Retailer protocol when it has to interact with the payment point of interaction (POI).

 

NIS v4.0 FUNCTIONAL SCOPE

NIS v4.0 main objectives are as follows:

• To prove that POIs, based on nexo FAST payment application and nexo Acquirer/TMS Systems, work together,
• To prove the interoperability between all POIs, all Acquirers and TMS providers implementing nexo specifications and protocols

A nexo IS infrastructure is made up of a standalone or an integrated POI system communicating with:

• one or several Acquirer host(s) to process a card payment transaction,
• a Terminal Management System host for management functions, e.g. parameter download,
• a Sale System (optional).

 

NIS V4 PACKAGE FEATURES & SERVICES

 

List of Features / Service

FEATURES SUPPORTED IN NIS V4.0

CARD SERVICES

PAYMENT SERVICES

Payment

Refund (partial or total)

Cancellation

Pre-Authorisation (Reservation for nexo Retailer)

Pre-Authorisation

Update Pre-Authorisation

Completion

Deferred Payment

ADDITIONAL FEATURES

Payment with increased Amount

Payment with Cashback

Payment with voice authorisation

CARD MANAGEMENT SERVICES

ISO-4 PIN Format Support

AES DUKPT Support for Data Encipherment

ACCEPTANCE TECHNOLOGIES

Chip with Contact

Magnetic Stripe

Chip/Mobile/Wearable/Contactless

Manual Entry by Acceptor

Stored Card Data (stored by the Acceptor)

CARDHOLDER ENVIRONMENTS

Physical Card

Consumer Device

ACCEPTANCE ENVIRONMENTS

Physical POI

Attended

Unattended

Semiattended

CARDHOLDER VERIFICATION METHODS

EMV Offline Plaintext PIN

EMV Offline Enciphered PIN

Online PIN

Signature

No CVM Required

Offline Mobile Code

CARD AUTHENTICATION METHODS

EMV Offline DDA

EMV Offline CDA

EMV Offline fDDA

EMV Online Authentication

Static Authentication (CSC)

PAYMENT APPLICATION FUNCTIONS

Configuration

Transaction Initialisation

Language Selection

Technology Selection

Selection of the Application

Selection of the Brand / Within the Card

Card Data Retrieval (Token Request)

Card Authentication

Cardholder Verification

Authorisation

Referral

Completion

Reversal

Data Capture

Authorisation

Online

Offline

Batch

Batch Suspended Transaction

ADMINISTRATIVE SERVICES

Reconciliation

Diagnostic

Transaction Advice

DEVICE SERVICES

Print

Display

Sound

Input

SYSTEM SERVICES

Events notifications

Error management

Diagnosis

CARD SCHEMES

MasterCard Contactless

Visa VCPS

Amex ExpressPay

ESTATE MANAGEMENT FUNCTIONS

Service Configuration

Host Configuation

MAC

Retail CBC MAC with Hash

SHA2-256

 

Download NIS v4.0 Package

 

IMPLEMENTATION

An implementer of nexo specifications and protocols would require the following:

A POI Implementation

A Vendor implementing a nexo FAST POI terminal has to support

• A nexo FAST Application, Version 3.1 and Bulletins 1,2,4 and 5;
• An interface to the Host Acquirer Protocol responsible for handling the nexo Acquirer protocol v6.0;
• An interface to the Terminal Manager responsible for handling the nexo TMS protocol v6.0;
• Connections to at least one Acquirer Host in the operational environment. However, the POI shall support a multi acquirer environment;
• Connection to at least one TMS Host for the purpose of parameters downloads;
• Cryptographic mechanisms described in nexo Security specification v2.1;
• Optionally, an interface to the sales system responsible for handling the nexo Retailer protocol v3.1;

 

AN ACQUIRER IMPLEMENTATION

An acquirer implementing the nexo Acquirer protocol has to support

• The nexo Acquirer protocol v6.0;
• The cryptographic mechanisms described in nexo Security specification v2.1;
• The nexo TMS protocol v6.0, if the acquirer is also the Terminal Manager as well.

 

A TERMINAL MANAGER IMPLEMENTATION

A Terminal Manager Provider implementing the nexo TMS protocol has to support

• The nexo TMS protocol v6.0
• The cryptographic mechanisms described in nexo Security specification v2.1

 

CRYPTOGRAPHIC MECANISMS & KEY MANAGEMENT

The following cryptographic mechanisms & key management described in nexo Security specification v2.1 has to be supported:

• DUKPT as key derivation mechanism for PIN Encryption, Card Data Encryption and MAC protection;
• The Triple-DES algorithm for PIN and Card Data Encryption;
• Retail-CBC-MAC with SHA-256 for Message Authentication Code (MAC);
• Key download via TMS protocol is optional. Key download, requires asymmetric cryptography if implemented. If the TMS protocol is not used for key download, then keys are loaded locally in the POI or by other means.

 

TEST TOOLS / VALIDATION

nexo standards has developed a suite of test tools that allows vendors, acquirers and processors to test the compliance of their payment systems and devices with nexo’s payment acceptance messaging standards and specifications, significantly reducing time to service launch and minimizing unexpected delays during the certification process.

The goal of the standards are to enable fast, interoperable and borderless payment acceptance by “standardising the exchange of payment acceptance data between merchants, acquirers, payment service providers and other payment stakeholders”.

 

CURRENT TEST TOOLS IS BASED ON NIS V4.0

What is nexo NIS V4.0 Test Solution

• Test script creation and execution environment for nexo standards adopters
• Implements official nexo specifications (Acquirer & TMS v6.0, NIS V4.0)
• Include test plans nexo-IS 4.0
• Available test solutions:
  - nexo Acquirer test solution
  - nexo POI test solution
• Based on the black-box testing principle, our solution provides protocol simulators:
  - nexo Acquirer protocol
  - nexo TMS protocol
  - nexo Retailer protocol

 

Support for all phases of your testing project

Test creation

• Create test cases within the tool using the features of the GUI. User defines what they expect to happen, select Data to be used, define additional validations if required.

Test case management*

• Create and manage test cases within the tool, organize them into libraries and build regression or certification test sets that ensure reproducibility and stability of test quality.*

Test execution & verdict

• Execute tests right from your test case library. Tool generates test messages and responses as defined in the test cases, and makes a test verdict automatically

Automatic payment validation

• Verify system processing, fully automatically, both against format specification and custom, user-built validations

Detailed logging and flexible reporting

• Analyse test results and troubleshoot your system thanks to detailed logs. Generate report of your test campaign thanks to a flexible GUI

 

Testing against nexo standards specifications

• Powerful message engine implements all rules of the network
• Simulator always up-to-date with maintenance
• Build correct and incorrect messages towards the system under test
• Default format validation uses Specification and (if applicable) XSD validation rules to provide detailed information on any errors
• Automated validation of the received message
  – Message structure (e.g. Correct fields, order of fields)
  – Check for mandatory and optional fields
  – Check conditional fields
  – Check each field against format
  – Value sets validation
• Report all detected errors in a friendly manner to help resolve the issue

 

Benefits

 

NEXO ACQUIRER TEST SOLUTION

Features

• Simulates POI to put Acquirer Host under test
• Implements test cases of nexo-IS 4.0 test plan
• Qualified by nexo Standards

• Dedicated for acquirers and acquirer system providers
• Accredited in June 2019
• A set of 120 test scripts implemented (representing 200 test cases in the nexo IS V4.0 Acquirer test plan)
• All Acquirer test scripts are included in the Acquirer test tool library

Steps to Acquirer Host / POI certification

1. Obtain nexo IS test Tool from nexo standards
2. Test your implementation during the development and testing phase
3. Run the official test library in nexo-ISD test tool to pre-certify or validate your solution
4. Contact an accredited lab for certification
5. Get certified by the certification authority

 

POI TEST SOLUTION

• Dedicated for POI application developers and vendors
• Accredited in June 2020
• A set of 626 test scripts implemented (representing around 950 test cases in nexo IS V4.0 POI test plan) of which:
  • 171 are mandatory
  • 140 are required for French and German markets
  • 7 are for unattended only
  • 18 are for combined readers
  • 290 are for optional services and features that could be selected in the Vendor’s POI ICS
• All POI test scripts are included in the POI test tool library
• All test cases are included in tool
• Applicable test cases for each POI under test defined by filling in the Implementation Conformance Statement file (ICS)
• The content and layout of the file is defined by nexo
• The tool allows
  - loading ICS file to select applicable test cases
  - defining ICS by filling in a questionnaire
• Based on content of ICS, test cases are disabled/enabled for execution

 

CERTIFICATION FRAMEWORK

Nexo standards and CFCF (the Common Functional Certification Framework) have signed a Liaison agreement to cooperate in order to provide for the certification of products having implemented nexo specifications

The CFCF certification infrastructure enables a test and certification process of nexo solutions. The governance of the certification process runs by the members of the CFCF. The test and certification process is based on the principle of consensus-based decisions between the members of the CFCF who would like to base their approvals on the CFCF certification process using nexo implementation specifications. The certification infrastructure shall be maintained and enhanced in order to make it available as a general service to interested Approval Bodies. CFCF defined its certification policy in a dedicated documentation which can be found under http://www.cfcf.eu/certification-process/.

The CFCF Certification process covers the functional Test and Certification Policy applicable to POI and acquirer systems developed following the nexo Implementation Specification developed and maintained by nexo standards

The CFCF infrastructure involves :

• Certification Applicants (Vendors),
• Test Laboratories
• Certification Bodies and
• The Certification Committee

These parties roles are based on the usage of the nexo Implementation Specification, the nexo Test Specification as well as on the test methodology and the administrative process agreed within CFCF. The Certification Bodies produce Certificates, which will be used by the Approval Bodies as part of Type Approval. Based on the common specification, the common test specification, a common test methodology and common certification processes, the CFCF certification infrastructure provides for a “one-stop-shopping” for all nexo compliant solutions. A certificate based on one single test report can be used by Approval Bodies as part of Type Approval.

 

CERTIFICATION PROCESS