Are You Meeting EMV Standards?
The shift has come! I know denial has been setting in pretty hard, and if you’re like the majority of merchants, you’re only just starting to realize that it might be a good idea to exchange your magstripe reader for an EMV-enabled device. Unfortunately, whether you’ve got the proper equipment or not, you still may be liable for certain types of credit card fraud. So it’s time to shake the sand out of those boots and get a leg up on these new regulations or your business may suffer for it.
Table of Contents
What Is the EMV Standard Exactly?
EMV is an acronym for Europay, Mastercard, and Visa, the three companies that first created the standard in 1994 (yes, this concept has been a long time in the making). Since 1999, EMVCo—owned by Visa, Mastercard, JCB, American Express, UnionPay, and Discover—has been the entity behind EMV standards.
The point of the EMV shift is to beef up security by embedding “smart” microprocessor computer chips into credit cards. These chips are much more heavily encrypted than the magnetic stripes found on traditional credit cards, protecting against fraud much more effectively. Of course, since these cards have a different way of storing sensitive data, merchants are going to need a different way to read them. As of October 1st, if you do not have a device capable of reading the new chips (forcing your customers to swipe their cards instead of dipping them) you are responsible for certain fraudulent charges made with a counterfeit or stolen chip card.
Why Is This Happening?
As technology advances, our economy is relying more heavily on credit and debit cards than ever before. Since cards are easier to steal and forge than cash or checks, we’re looking at a natural increase in swipe card fraud. This step-up in technology is a necessary change in order to keep up with the increasingly sophisticated data breaches and skimming techniques. It’s a sort of arms race in which both sides have to keep improving their technology in order get an advantage over the other. This EMV transition is definitely a win on the security side since Europe has seen an 80% reduction in credit card fraud with the implementation of EMV standards. Meanwhile, the U.S. has experienced a 47% increase in fraud because we’ve taken so long to catch up with already EMV compliant regions like Canada and various parts of Europe, Asia, and Latin America.
Is Everyone On Board?
Pretty much. Visa, Mastercard, American Express, and Discover all announced their step-by-step plans for shifting certain types of fraud liability from themselves to the merchants. On a more global scale, most countries have already implemented or are at some point in implementing EMV chip technology for debit and credit cards. As I mentioned before, the United States is a little late to the party, but we’re getting there.
What This Means for Merchants
Simply put, if you don’t want to take the chance of having to fork over a stack of cash, you’ll need to protect yourself from fraud liability by purchasing new EMV-compliant credit card processing equipment. For a majority of merchants, it would be wise to install new systems as soon as possible, but if you’re still not convinced it would be a pertinent investment, check out the article Do You Really Need An EMV Terminal?
Note, though, that the liability shift is not applicable to CNP (card not present) transactions. Phone order and web order transactions will be dealt with as they always were, meaning that if you never actually come in contact with a credit card, you probably won’t have to worry about being EMV compliant.
Implications for Consumers
Other than a feeling of increased security and the task of actually learning how to use these cards, consumers won’t experience as many of the changes or hassles of EMV implementation—certainly not as many as the merchants who have to purchase the new equipment and take on the extra liability. Until chip card dipping becomes more common, though, you’ll probably see some slower moving lines since it takes a couple more seconds to process chip cards and not all customers are quite sure how to use them yet.
Steps to Take as a Merchant
(Until you get your EMV equipment)
- Don’t panic, but don’t get too comfortable.
- Verify customer ID cards when processing credit card transactions.
- Be proactive about finding the EMV equipment and payment processing options that work best for you.
- See this post on buying an EMV chip card terminal.
If you’ve found that your payment processor isn’t quite EMV-compliant yet or they’re charging an arm and a leg for a new machine, you’ll probably want to consider switching providers. If you decide you are interested in doing that, you’ll want to get quotes from at least three different reputable providers to make sure you are getting the best deal. This post on negotiating the best credit card processing deal should be able to help, but if you’re still at a loss, let us know and we’ll lend you a hand.
What Will a New EMV Card Reader Cost Me?
Though you can purchase new readers from a couple different sources, the actual price largely depends on the provider and the equipment you decide to get. For instance, there are a couple compact, mobile EMV readers that you can get for around $30, while most countertop chip terminals (with built-in receipt printers and pin pads) average in the $200 to $400 range.
Depending on how many devices you’ll need and what your business’s revenue stream is looking like, you may be considering leasing an EMV credit card terminal, but that’s definitely something I wouldn’t recommend. You can read this article for the whole story, but basically the point is that you will probably end up spending hundreds more on the machine than it is actually worth.
Summing It Up
If you’re already set up with a chip card reader, congratulations! You are officially EMV-compliant. If you don’t accept any in-person payments, you’re all set too. If you’re currently accepting credit cards without an EMV-enabled device, however, don’t panic. Not yet, at least. You shouldn’t run into too many problems this early in the game, but the credit card industry is evolving quickly and you’ll need to keep up with the regulations to protect your business. Now that the technological bar has been raised, fraudsters are bound to be looking for those businesses that are still vulnerable. Don’t be caught off guard!