As our economy becomes more reliant on the use of payment cards as opposed to good ol’ fashion paper cash, instances of fraud are on the rise. Data breaches are happening more frequently and transactional fraud is costing the United States billions upon billions of dollars. If it weren’t for a significant change in technology, this trend would continue to spell disaster for businesses and consumers alike.
That significant change is rooted in what is commonly referred to as EMV, which stands for Europay, MasterCard and Visa. EMV is a global standard for cards that utilize credit card chip technology as a means for authentication. This new EMV technology replaces the familiar magstrip (that magnetic strip, typically located at the top of a credit card) with a computer chip.
This new credit card chip is expected to increase the strength of payment security by making it more difficult to counterfeit cards and commit fraud. Overall, it’s a minimally invasive way to protect both the business owner and the consumer.
How Will EMV Affect My Business?
EMV will transform payment security, but not without requiring some preemptive action from consumers and business owners alike. Consumers will need to watch their mailbox for new cards with the updated technology. Millions of consumers already received or are already using EMV credit cards, and millions more are expected to receive them in time for the October 2015 deadline.
That’s right. There is a deadline. Grab your day planner, open your calendars, and set a reminder on your phone. If you are a business owner, October 2015 is an important date for you. This is the date that all major U.S. credit card companies (Visa, Mastercard, American Express and Discover) have established as the date that merchants must hold up their end of the deal and become EMV complaint.
While consumers are simply issued a new a new card, and after activating, can resume their purchasing practices, business owners need to address the EMV shift in a slightly different way. The familiar swipe of a card through a point-of-sale terminal will be phased out for EMV credit cards. Instead, a new method will be used to authenticate the EMV credit card chip.
Welcome to the world of “card dipping.” To be EMV compliant, the card reading and transaction portion of purchasing will now require that cards with EMV chips are “dipped,” or inserted into a terminal slot. This is not the same as some point-of-sale equipment or banking machines that allow the user to simply insert and pull out the card. Instead, the card must stay inside the machine until the data from the card flows to the issuing financial institution and is verified.
Some point-of-sales terminals will also carry the ability for near field communication. This means that the card is tapped against the terminal and the information is transferred from the card chip to the terminal. Though this may be easier for the consumer, these dual-face terminals can prove to be quite expensive.
As you may have already surmised, this required you, the business owner, to purchase new point-of-sale technology that is enabled for EMV verification.
What If I Don’t Comply in Time?
The financial world as we know it is not going to stop in October. Cards and card technology that still utilize magstrips will remain valid forms of payment. Expecting anything less would spell disaster for the U.S. economy.
However, you will want to take notes on what I say next, because while you may not be required to comply by that date, there can be truly negative repercussions if you do not. This is where the big question comes into play. In an EMV credit card world, who’s liable if fraud occurs?
What is the EMV Liability Shift?
Currently, when there is a data breach, instances of counterfeit, or other type of credit card fraud, the financial institution responsible for issuing the card typically will be responsible for the loss. If you’re watching the news lately and are aware of the sheer volume of data breaches, you can imagine that this would amount to a pretty hefty penny.
Come October 2015, this liability will shift depending on the level to which the merchant is EMV compliant. If a small business owner has failed to install the required technology by the date, and there is a subsequent data breach or fraud issue within that business, they will be held accountable for the consumer loss.
While big box merchants who don’t comply may also feel the repercussions should they fail to be compliant, this circumstance can be deadly to small business owners without the capital or resources to act as a safety net.
Your best bet? If you can become EMV compliant by October 2015, it’s in your best interest to do so. If not, you should begin to take the appropriate financial steps to do so as soon as possible.
This article was originally written on October 7, 2015 and updated on November 12, 2018.