Guide: 4 Questions Retailers Are Asking About EMV and Payment Technology

Will EMV Compliance actually lead to improved security?

In short, yes. Fraud in the Single Euro Payments Area (SEPA) fell 7.6% between 2007 and 2011 after EMV replaced the existing payment technology standards. Card skimming losses alone dropped from $142 million to $38.5 million in the span of a single year (2008 – 2009).

How is this possible? Chip technology is significantly more secure than magstripe card technology because it employs secret cryptographic keys to help protect against fraud at the point of sale and make payment cards more difficult to counterfeit. Modern authentication technology helps ensure the card being used is real and that it belongs to the person using it.  It drastically reduces the chances of a business accepting lost, stolen or counterfeit cards.

EMV adoption is already widespread and established enough in markets outside of the US that there is data to demonstrate its effectiveness. Recent high-profile breaches in US retailers have contributed to the sense of urgency underlying the push to adopt more robust security standards and combat a growing trend of card-related financial fraud. The good news is that the new standards are working.

What are the implications of the October 2015 Liability Shift?

MasterCard defines the liability shift this way: The party, either the issuer or merchant, who does not support EMV, assumes liability for counterfeit card transactions. What this means is that those issuers and merchants using non-EMV compliant devices that choose to accept transactions made with EMV-compliant cards assume liability for any and all transactions that are found to be fraudulent.

Today, financial institutions bear the brunt of liability when it comes to fraudulent transactions.

Effective October 1st, 2015, that will no longer be the case. Careful evaluations must be made by retailers of all sizes to determine the potential risk of utilizing non-EMV compliant POS systems beyond this date, as they will be liable for any fraudulent transactions that occur on these systems.

What should I know about the way payment technology is changing?

Magstripe payment technology, which has held strong in North America for decades, is on its way out. The European Payments Council (EPC) has started talking about banning it altogether in favor of more secure payment methods. Although the majority of POS hardware is still built to accommodate the familiar swipe-to-pay process, experts anticipate the magstripe cards themselves may vanish within as few as two or three years.

The old cards will be making way for the EMV-compliant chip cards, but more importantly, are disappearing as part of a paradigm shift from “contact” to “contactless” payment. Right now, contact payment is the swipe of that magstripe; with chip cards, the contact will be established by inserting the card into the machine. Chip cards also, however, have the ability to process transactions by holding the car near a reader built into the point of sale. Simply speaking, you tap your card and the payment happens via short range radio signal. This quick payment is especially convenient for consumers making purchases under $50. It hints strongly at the direction that payment technology is trending: contactless and convenient.

This is where mobile payment methods shine. In 2010, the total gross dollar volume of mobile payments in the U.S. alone was $16 billion; some experts expect this volume to rise to $214 billion by 2015. It’s important to be aware of how both consumers and financial institutions are driving change in POS standards, and to invest in solutions that will remain flexible and innovation-friendly during this time of rapid evolution.

What do I have to do as a retailer?

Start by doing research into the EMV-compliant hardware and software options available to you. Talk to your current POS solution provider; can they offer you a software upgrade, or will it require a hardware installation? What is their suggestion for best practices?

If you don’t already have an integrated solution, especially when it comes to the connection between your POS and your accounting and inventory software, this is a good opportunity to make that shift. Gaps in your software ecosystem can pose just as much of a security issue as a non-compliant POS system.

Make sure to talk to other vendors, especially if your system will require a major overhaul. Reach out to other industry experts. Review how happy you are with your current POS system – now may be the time to upgrade, if you find it lacks more than just EMV compliance to meet the needs of your business.

*no email registration required