Upgrade to a Smart Credit Card Reader by Oct 2015 or else!
What is a Smart Card? (EMV)
EMV stands for Europay, MasterCard® and Visa®, who developed a technology that supports enhanced cardholder verification and can also be used to secure online payment transactions. A smart card has a micro chip that makes it difficult for fraud organizations to target cardholders and businesses alike, so having a smart card reader can protect you from fraud.
Since Smart Cards have transaction information that is encoded uniquely every time, it’s harder for criminals to pick up useful payment data pieces and use them in a fraudulent way.
EMV Smart Cards store payment information in a secure chip rather than on a magnetic stripe and the personalization of EMV cards is done using issuer specific keys. Unlike a magnetic stripe card, it’s virtually impossible to create a counterfeit EMV card.
How does an EMV chip reader work?
Your EMV Smart Card Reader will communicate with the chip inside the customer’s smart card to determine whether the card is authentic. The terminal will prompt the customer to sign or enter a PIN to validate their identity. This process effectively reduces the possibility that your business will accept a counterfeit card or be held liable for a fraud-related charge back from your credit card processor.
When is it happening?
25% of U.S. credit cards will already have EMV capability this year. By the end of 2014, 70% of U.S. credit cards processed and 41% of debit cards will be converted.
Both issuers and merchants face a deadline of October 2015 that will shift liability for counterfeit card fraud to the party in a transaction not equipped for EMV. Gas stations have until October 2017.
By 2015, MasterCard, Visa, American Express, and Discover, will all be using chips in their credit cards, so merchants are required to have an EMV compliant terminal, or “smart terminal,” to increase security and reduce counterfeit cards, and fraudulent stolen cards.
EMV secures the payment transaction with enhanced functionality in three areas:
1 – Card authentication, protecting against counterfeit cards. Transactions require an authentic card validated either online by the issuer using a dynamic cryptogram or offline with the terminal.
2 – EMV transactions also create unique transaction data, so that any captured data cannot be used to execute new transactions.
3 – Cardholder verification, authenticating the cardholder and protecting against lost and stolen cards. EMV supports four cardholder verification methods (CVM): offline PIN, online PIN, signature, or no CVM.
What other incentives are there to accept chip cards?
Smart Card ReaderIn addition to the reduction of fraud and related charge backs, there are other cost savings associated with EMV acceptance. Visa and MasterCard have announced that they will waive the annual PCI-DSS audit if 75 percent of the merchant’s Visa transactions are processed through a dual contactless and contact EMV certified device.
Another Visa and MasterCard ruling is the liability shift. Once this goes into effect, merchants who have not made the investment in chip-enabled technology may be held financially liable for card-present fraud that could have been prevented with the use of a chip-enabled POS system.
Don’t wait to upgrade.
Issuing banks are beginning to issue chip cards, so businesses that have not already migrated to EMV may have to answer to their customers as to why they have to continue to swipe their new chip cards while the market presents chip technology as the safer way to pay.
How am I impacted by the liability shift?
If a chip card is presented to a merchant that has not upgraded to a smart card reader, liability for fraud in credit card processing may shift to the merchant. The liability shift encourages chip adoption since any chip-on-chip transaction (chip card read by a chip certified terminal) provides the dynamic authentication data that helps to better protect all parties.
In addition, if a counterfeit magnetic stripe card is presented at a chip certified terminal, the liability for the counterfeit fraud will be the responsibility of the card issuer.