EMV payments complianceWhy businesses should meet EMV payments standards, and why consumers should adopt it with open arms.

It’s been five years since the new EMV payments rules went into effect, shifting fraud liability from card issuing banks to merchants that are not EMV compatible. While adoption is growing among merchants and consumers, saturation is still not where it should be.

In 2019, more than 97% of transactions in Europe were EMV chip transactions per EMVCo. While in the U.S., over the same 12-month period,  EMV payments only accounted for less than 63% of transactions.

It’s time for more merchants and consumers to embrace EMV technology as the standard for security and the fight against credit card fraud.

What is EMV technology?

EMV technology is a global security standard that makes in-person credit card transactions more secure. 

EMV is the common term that refers to the set of standardized security specifications that govern secure card-based payment transactions. The security specifications were created by a cooperative of the major card networks called EMVCo LLC

EMV is technically an acronym that stands for EuroPay, MasterCard, and Visa, who originally formed the organization. Later, once the other three major card brands joined the coalition, they became EMVCo. EMVCo is now co-owned and managed by MasterCard, Visa, American Express, JCB, Discover, and UnionPay.

Contact card transactions are more secure because of the cryptographic functionality in EMV chips embedded on credit cards. The EMV chip creates a unique, one time use code for each transaction. Unlike the old mag stripe, where actual cardholder information and card number was communicated. And subsequently easily hacked and intercepted.

Globally, more than 80% of credit and debit card transactions are EMV chip transactions. But in the U.S., EMV chip transactions make up just under 63% of all transactions per EMVCo.

Fraud liability shifts to merchants under EMV payments Compliance rules.

contactless payments NFC

Prior to Oct. 1, 2015, all liability for counterfeit card fraud fell on the card issuing banks. In an effort to push adoption of the new EMV standards, banks transferred some liability for fraud to the merchants. 

Beginning Oct. 1, 2015, any liability for counterfeit fraud landed with the entity with the least security standards in place. This means that any merchant who has not upgraded to EMV compliant payment terminals would be liable for fraud.

Card issuing banks wanted to protect themselves from the financial burden of fraud by moving a portion of the liability to merchants. In short, if a merchant could process a transaction with an EMV chip but instead processes it using a mag stripe, they are liable if fraud results. 

This is a problem considering only 63% of transactions were EMV transactions in the U.S. in 2019.

How can we help make card-not-present transactions more secure?

EMV compliant chip readers help make card present transactions more secure. But how can we make card-not-present transactions more secure when there’s no chip to dip?

In eCommerce, the customer isn’t standing there, card-in-hand with a chip to dip. E-commerce merchants must take a few extra steps to authenticate transactions. 

Yes, this may cause a bit more friction at the checkout, but it’s necessary to combat fraud. Especially since ecommerce fraud increased substantially since the adoption of EMV payments.

Merchants must make sure they’re collecting enough information to validate the purchaser. Or, more importantly, enough to make it difficult for the fraudster.

When collecting customer information be sure to get the billing address associated with the card being used. Not just the shipping address. 

For high-value purchases, it may be a good idea to go a step further and require additional contact information such as email and phone number.

Card information should include the name “as it appears on card”. And require they enter both the expiration date and the CVV code. Fraudsters may hack card numbers but not have the CVV. Or they may not know the cardholder uses their middle initial on their card. 

Always maintain PCI Compliance. PCI compliance helps secure many of the ways hackers exploit payment pathways. 

These are all simple steps that help protect you and your customers’ sensitive data. Once consumers understand this, they realize it’s well worth the slight inconvenience.

EMV adoption in the U.S.
Source: EMVCo Inforgraphic*

All Card-present merchants should want to comply with EMV standards.

The 2020 Federal Trade Commission report revealed credit card fraud as the most common type of identity theft in America. The more fraudsters get away with it, the more types of fraud they commit. 

The number 1 reason businesses should adopt EMV compliance is to protect their customers and themselves from fraud.

Fraud is very costly and has many ramifications for both businesses and their customers. Businesses lose their products and the revenue that would’ve come from them. They incur chargeback disputes that not only costs them in fines and fees, but cost time and money to investigate. The most recent statistics from LexisNexis show that U.S. businesses pay $3.13 for every $1 of fraud they incur.

Chargebacks have a negative impact on a business beyond the cost to revenue. Acquiring banks set a threshold for the allowable amount of chargebacks a business can incur. Businesses with a high incidence of chargebacks are high risk and pay more for their payment processing. If a business’s chargeback ratio breaks the threshold, the bank could close their merchant account altogether. 

Not only does this leave the merchant with no way to accept payments, it makes getting approved for a new account difficult. 

Fraud also costs businesses their customer confidence. Consumers who have been a victim of fraud lose trust in that business’s security measures. And, they often take their businesses to a more trustworthy company.

Consumers should embrace EMV and 3D Secure technology.

Americans are acutely aware of the risks of fraud in our daily activities. And the consensus seems to be that the risk is increasing, according to 92% of American consumers.

As consumers, we’re already picky about who we support with our hard-earned dollars. But the risk of fraud will make more than half of American consumers take their business elsewhere if a business didn’t monitor for fraudulent activity. 

And as we’ve already pointed out, credit card fraud is the most prevalent type of identity theft. A study sponsored by LifeLock looked at the emotions ramifications of fraud and identity theft on individuals. Protect your sensitive data

Being a victim of identity theft or fraud has a ripple effect on the victim’s life. In addition to financial hardships, it can also have a negative impact on family life and emotions. After the obvious first reactions of annoyance and anger, people went through a myriad of emotions and ongoing troubles. 

Victims experience fear for their personal financial security, which invokes feelings of “helplessness or powerlessness”.  And it’s not just emotional, some of these emotions manifest themselves physically. Victims (74%) reported feelings of stress and anxiety, and many experienced heart palpitations and loss of sleep.

American consumers need to embrace new security technologies aimed at protecting their sensitive data. Even if it means a little bit of extra effort on their part. 

Are there EMV chip card scams?

Yes, of course there are. Payment card fraudsters are sophisticated criminals. One 2018 scam involved criminals who removed the chips from real cards and replaced them with dummy chips before sending the card on to the recipients. So it wasn’t so much that they copied the card information or stole sensitive data. They stole the actual chip.

Moving forward…

EMV technology has been in use for decades. The rest of the world already accepts EMV specifications as the standard of payment processing. EMV and contactless payments are technologies that will continue to evolve and progress and shape the future of payment processing. 

EMV compliance can help merchants detect and prevent fraudulent transactions in real time. By processing transactions following the recommended EMV procedures, merchants help to fight fraud.

Additionally, cutting down on fraudulent transactions lowers the chargeback disputes that ultimately follow fraud. 

And finally, by complying with the EMV framework, merchants help keep the liability for fraud off of them and on the bank’s end.

And the statistics prove it:

3.7 million U.S. EMV ready merchants as of September 2019.

75% of storefronts in the U.S. accept EMV cards as of March 2019.

87% decrease in counterfeit fraud losses for EMV compliant merchants.

Get your EMV compliant payment terminal now.

Are you ready to upgrade to EMV compliant payment terminals? Ready to begin accepting contactless payments and mobile wallets? There’s no better time than the present, and it couldn’t be easier.

Our ETA-Certified Payment Professionals are well prepared to advise you on the best solutions for your particular business’s needs. Call us today! 

“Experience the Bankcard Brokers Difference!”

Get Started

* EMVCo Inforgraphic: Chip By The Numbers