Since January 2016, STET operates a secure network for cash withdrawal and payment authorisation messages.
Used every day by millions of consumers to withdraw money, make purchases in stores and pay on the Internet and mobiles - both in France and abroad - our network is in France the reference network for CB, Diners Club, JCB, MasterCard, Paylib and Visa cards.
Our card network routes authorization requests and responses, round the clock, 365 days a year.
These operations follow extremely strict security process, including on the basis of applications or sealed and signed responses.
So that customers can make transactions abroad, outside the coverage of the CB system, our network is connected to gateways established with foreign systems of the CB system partners.
Our network offers 3 different routing methods:
- Issuer routing based on PAN ranges,
- Acquirer routing which takes into account the destinations defined by the Acquirer
- and technical routing related to a transport BIN.
Our network is able to process 37 different types of transactions, including customer-specific transactions for private usage, thereby meeting all card processing needs.
Our routing tables are sized to accept all payment schemes and of course token routing: CB, Diners, JCB, MasterCard, VISA…
Routing includes rules to ensure service continuity through even load balancing and nominal backups.
- Two routing plans: cardholder number; or recipient (transport BIN)
- Positive routing: only what is declared is routed (international flows)
- Possibility of defining specific routings for an issuer as well as temporary routings (CAR)
- Routing rules (load balancing or nominal/backup)
- Servers can activate backup on demand
- Internal network timings managed according to the recipients
- Large routing table capacity
- Preservation of server responses
- Issuer activity and availability reporting for each connected environment
- Control of the acquirer (whether or not the bank is authorized to access the service.)
- Control of transaction consistency (question / response)
- Guaranteed response offered to requesters
- Possibility of acquirer routing (choice of a substitution destination)
- Acquirer activity reporting for each connected environment
- Two IP-VPN access network operators and SDSL or OF support
- 3DES encryption managed by e-rsb on access networks
- IP flow distribution and IP backup activation are transparent for users
- Timing negotiation for requester and server applications
- Possibility of flow exchanges outside the e-rsb routing (EFES service)
- Activity and availability reporting for each connected environment
As the electronic payment instruments continue to evolve with faster innovations, fraud increases and becomes more technologically sophisticated.
Fraud control is now more than ever a key challenge for the payment industry.
Tokenisation: Substituting a PAN with a Token
Mobile payments (e.g. HCE) as well as new solutions such as Cards on File and Wallets are based on a tokenization service.
As a result of present market conditions, we developed an agnostic tokenization service.
The engine is part of our network, thereby ensuring performance and reliability levels consistent with the network itself.
Our card authorisation network leverages high transaction volumes to deliver optmised scoring
Our network uses the IRIS Analytics solution based on statistical models and expert rules to score transaction fraud risk in real time.
The relevance of the score is optimally generated through supervised self-learning algorithms based on large volumes of eligible transactions.
EPAS Protocol converter
As the EPAS standard (ISO 20022) is becoming a market reality and is supported by several major retailers, STET brings solutions to support these new technical needs.
Acquiring banks and payment institutions adapt their strategy to deploy new services and technologies such as contactless and mobile payment. To do so, they need to phase out the standard of the card based on ISO 8583 to migrate to ISO 20022, a more open and interoperable standard that supports new services and payment solutions.
This new standard EPAS enables the standardization of regulations on procurement systems through the sharing of common requirements (physical, logical security, etc.) and leads to the establishment of a shared single certification. It promotes, notably in Europe, the interoperability of transactions (payment and withdrawal) by bank cards (debit and credit), developing and maintaining a standard on behalf of its members on the basis of exchanges in ISO 20022.
Our converter supports both versions 1 and 2 of the EPAS protocol in order to suit all the Acquirers requirements. This is how we are helping our clients to reinforce the information security while meeting the cryptography standard formats, and to ensure the protection of the following data:
- Protection of the confidential code,
- Protection of sensitive data from the credit card,
- Protection of the message by an authentication code,
- Protection of the message with a digital signature.
In France, we implemented an infrastructure featuring specially designed resilience to process all the transaction flows for CB2A platforms.