Chip and PIN or Chip and Signature cards, depending on the authentication techniques used, are quickly phasing out conventional magnetic stripe credit and debit cards in order to comply with new Europay, MasterCard, and Visa (EMV) standards. Nearly a year and a half after the deadline, many businesses still are not properly equipped to accept EMV cards and they will be held accountable for any fraudulent transactions that happen in their stores as a cause of this.
EMV is already a standard in all major markets outside of the U.S. EMV payment cards contain a microprocessor chip that creates a unique, single-use code for every transaction and requires a Personal Identification Number (PIN) for validation. Traditionally, credit and debit cards that only had a magnetic stripe that stored unchanging information, making it easy for that data to be copied and used fraudulently.
An EMV card, on the other hand, makes it nearly impossible for thieves to steal someone's information because they do not store personal information natively. In addition to a magnetic stripe that allows backwards compatibility, EMV cards are equipped with an RFID chip which can also support near field communication (NFC), or "contactless," card reading. To do this, users simply tap the card on a terminal scanner, which receives information that is embedded on the chip.
As of Oct. 1, 2015, major card issuers like Visa, MasterCard, American Express and Discovery have implemented a liability shift for point of sale (POS) terminals, and have issued these new chip cards to nearly all their customers.
In reality, retailers do not incur any penalty fees for missing out on the deadline because it was merely created to encourage all merchants to become EMV-compliant as soon as possible. While companies face no real consequence such as a fee or warning for not meeting the deadline, following this date, the issuer of a card is no longer responsible for fraudulent charges if a retailer has yet to update their systems to be EMV-compliant.
As a result, millions of businesses are transitioning quickly. This means integrating EMV software to their POS systems and purchasing new hardware to accommodate the "dipping" rather than swiping method chip cards require for processing payments. Every day they cannot process EMV cards, establishments face the threat of being liable for the costs of any fraudulent transactions that occur because of their outdated technology.
The only exceptions to the October 2015 deadline, however, are gas stations and ATMs. In December 2016, the liability shift for payment terminals at gas stations for MasterCard and Visa was pushed from Oct. 1, 2017 to Oct. 1, 2020. American Express and Discover also share the same target. MasterCard's liability shift for ATMs was Oct. 1, 2016, and Visa's is Oct. 1, 2017.
The reason for this change is due to the challenges that come with changing or upgrading entire infrastructure like pumps and ATMs. For years, pay-at-pump transactions and some ATMS have used a quick in-and-out insertion slots to read cards. These machines are not suited to integrate with EMV-ready retrofitting kits because of their older and more complicated infrastructure and require special technology.
In addition to the lack of EMV-compliant supplies, there is also a lack of trained specialists who develop EMV-compliant software that meets ISO standards, know how to work with application identifiers (AIDs) and integrated circuit card applications, and can also properly integrate EMV-compliant software into existing hardware.
Like an in-store POS, chip cards at pumps and ATMs must remain inserted until the transaction is complete, which is very different than what cardholders are used to in these environments. ATMs that already use a tractor feed to hold a card for the entire duration of a transaction will be easier to adopt EMV compliance. On screen prompts, regardless of which card reading method is utilized, will also have to be changed to follow new payment procedures.
Although modifying the hardware and software of these technologies is costly and difficult, the adoption of EMV technology has already significantly reduced the number of credit card fraud cases in the U.S., and that number is expected to continue falling as more as more enterprises upgrade their systems.
Those who are still trailing behind on this movement can avoid incurring the potential costs of fraudulent transactions by partnering with experts in custom EMV software development and integration. By taking this route businesses can assure they are taking the most secure, reliable, and cost effective strategy to quickly become EMV-compliant.
Learn more about EMV software services at chetu.com/emv
Chetu does not affect the opinion of this article. Any mention of a specific software, company or individual does not constitute an endorsement from either party unless otherwise specified. This blog should not be construed as legal advice.
Founded in 2000, Chetu is a global provider of application development services solutions and support services. Chetu's specialized technology and industry experts serve startups, SMBs, and Fortune 500 companies with an unparalleled software delivery model suited to the needs of the client. Chetu's one-stop-shop model spans the entire software technology spectrum. Headquartered in Plantation, Florida, Chetu has fourteen locations throughout the U.S. and abroad.