By Janice Mackler
EMV stands for Europay, MasterCard and Visa, a global standard for inter-operation of integrated circuit cards (IC cards or “chip cards”) and IC card capable point of sale (POS) terminals and automated teller machines (ATMs), for authenticating credit and debit card transactions. The EMV standard is moving the consumers to chip card technology. These new cards contain an integrated circuit containing payment related information protected by layers of security. The EMV standard allows for cardholder verification methods other than a PIN.
As a merchant there are three core areas of concern:
- Expand TIP – TIP will end the mandate for merchants to validate their compliance with the PCI Data Security Standard for any year where 75% of the merchant’s VIS transactions stem from chip-based terminals.
- Build Infrastructure – Chip acceptance will require service providers to be able to carry and process additional data that is included in chip transactions, including cryptographic messages that make each transaction unique.
- Shift Liability – Effective October 2015 the party, either the issuer or merchant, who does not support EMV, assumes liability for counterfeit card transactions.
EMV is not the silver bullet that can wholly insulate a merchant from the credit breaches common in the news today. Credit card theft will continue, and merchants will still need to protect themselves. EMV transactions still send credit card data in clear text that hackers can use for credit card fraud. Since creating fake cards is more difficult in the EMV environment, hackers will be more apt to perpetrate fraud in an on-line environment rather than in person. Therefore, your firewall is still extremely important for protecting your business.
Questions you need to be asking your POS provider? Is your POS Hardware ready for EMV? Is your software version able to accept EMV transactions? Does your POS have enough memory to support the EMV peripheral devices for both contact and contactless acceptance? Has your credit processor defined what is required of the POS system to communicate in the EMV standard? Most POS providers will not have the code completed until 2016, as these requirements are still being defined.
What does this liability shift mean to you as a merchant? How many transactions are flagged as fraud in a given year? What is the cost to the merchant for those transactions? We’ve heard many merchants say the liability shift is far less than the cost of immediately transitioning to EMV.
As your trusted POS advisor we want to ensure you are ready to successfully meet these new requirements. Please call us to discuss your needs.
1.855.737.1500 | rdspos.com