One of the biggest changes in retailers’ security and checkout systems is now in effect.
The age of the EMV chip has arrived.
“This fall, retailers are making one of the most significant changes in the past 30 years to the checkout experience for consumers. Not since the ‘mag stripe’ credit card was introduced in the late 1970s have we seen a change this big,” said Tom Scott, senior vice president of communications and marketing for the Michigan Retailers Association.
“Retailers are beginning to roll out new technology that will help reduce or eliminate the impact of a data breach and use of counterfeit cards. Now that banks have begun issuing cards with an EMV chip on them, retailers can use that technology to protect their customers’ data.”
So what exactly is an EMV chip?
Scott explained that EMV stands for “EuroPay, MasterCard and Visa” payment networks. The EMV technology provides for higher security for credit card transactions by including a “chip” in credit or debit cards to reduce the incidence of data breach, he said.
This chip is an embedded microchip that cannot be replicated, making it more difficult for hackers to use stolen card data to produce counterfeit cards.
“Specifically, a chip card generates a unique one-time code for each consumer transaction. This code is virtually impossible to replicate in counterfeit cards. Because a new unique code is generated each time, it renders the previous card-swipe data worthless when a consumer uses his or her card again,” Scott said.
“Retailers are spending billions of dollars to ensure the new payment terminals are in place and able to accept the new chip cards. This is in response to a change in the rules for accepting credit card transactions and will ensure that the retail community is not held liable for counterfeit fraud usage.”
The EMV changeup will affect any merchant and business with the ability to process a card-present transaction, said Tedi Falvo, spokesperson for International Bancard Corp.
EMV is intended to satisfy two main objectives, she said. The first objective is decreasing credit and debit card fraud on card-present transactions due to the increased security. The second objective is creating a consistent cardholder experience worldwide.
“With EMV, a customer’s credit and/or debit card will be inserted into the merchant’s terminal. The card information will be transmitted through the chip in the card to the issuing bank for an authorization decision,” she said.
“The credit or debit card must be present during the transaction to fall under the EMV guidelines. Businesses can be held liable for fraud liability should they opt not to install an EMV-supported device and accept chip-embedded cards.”
This has a specific name: the U.S. Fraud Liability Shift policy. Although there is no mandated changeover to use EMV, the Fraud Liability Shift began Oct. 1, she said.
“It is not a mandate, but in order to be protected from fraud, you will need to upgrade your terminals. If a fraud transaction occurs and the retailer is not utilizing an EMV-capable device, they are liable for the fraud transaction amount.”
So how will consumers be affected? Not much. Scott said the most visible change is that consumers will no longer “swipe” their credit or debit card. Using a chip card, the consumer will “dip” or insert it into a reader — similar to an ATM — and wait for the card to be read.
“Although retailers are spending billions to ensure new payment terminals are in place and able to accept new chip cards, chip cards are expected to include both a chip and mag stripe for the next few years, allowing older terminals to process transactions using the less-secure mag stripe technology. So customers without a new chip card will still be able to use their mag stripe credit cards for awhile to make purchases,” Scott said.
While consumers may not be affected that much by the change, the new system changes many things for businesses, specifically retailers. When asked what this shift will cost businesses, Falvo said it depends on the specific needs of the business. For example, the cost of a typical credit card terminal ranges from $200 to $700.
“Some of our members have upgraded but many others have a ‘wait and see’ attitude. We have pushed out a lot of communications over the past year to our members about the liability hazard of not adopting EMV technology,” said Michael Rogers, vice president of communications for the Small Business Association of Michigan.
“However, we’ve heard that many small business owners are hesitant because they are uncertain about the costs they will incur from upgrading and the learning curve involved with implementing the technology. Also, many of them believe that, because they don’t have a lot of credit card transactions and/or don’t sell a lot of expensive items, they are at small risk of credit card fraud.”
Not everyone is happy about the change, Falvo said. Retailers such as restaurants that accept tips are having the most difficult time making the adjustment because it impacts the flow of payment acceptance, she said.
“This is a large and expensive change for everyone, so everything won't be in place immediately on Oct. 1. The migration to chip cards, which are issued to consumers by the various banks that issue cards, will take several months or possibly years to accomplish.
“It is estimated that only 27 percent of retailers will be able to accept chip-only cards on Oct. 1, and most of the issuing banks have not distributed chip cards to all of their cardholders,” Scott said.
“The liability shift says that the party — either the issuer or merchant — that does not support EMV assumes liability for counterfeit card transactions. If both the issuer and merchant are EMV-compliant, the liability stays with the issuer, which is the same as it is today for mag stripe cards. The issuer is either a bank, credit union or any other financial institution issuing credit or debit cards.”