A technology has been available since the mid-1990s that is proven to reduce credit card fraud by up to 67 percent (according to research reported by the Smart Card Alliance) in some countries. Until recently, the United States was the only country that hadn’t yet adopted EMV (an acronym of the technology’s creators, Europay, MasterCard and Visa) but it is finally being implemented here in the midst of data breach catastrophes and consumer wariness over payment security.
How EMV works
EMV-enabled credit cards – or smart cards – have in them an embedded microchip that can store data that can be encrypted and/or authenticated for heightened security. In order for the chip to work for the payer, the payee must have a smart card reader. There is much, much more to the technology, but the driving force behind the chip is enhanced security and privacy. Smart cards mean more reliable authentication on a network that offers more security than existing U.S. networks. Encryption available through the smart card system provides advanced protection from tampering, and the technology makes creating duplicate cards very difficult.
Smart card technology creates a single global payment security process for all participants – and when the U.S. finally and thoroughly adopts the system, all major global economies will be on board. The technology also encourages mobile contactless payments (you’ve probably noticed people paying with their phones at Starbucks or at the movies) which will push another wave of innovation and transformation for retail and other industries as we get used to using the technology.
How EMV alters the liability landscape
Credit card companies are pushing the adoption of EMV-enabled smart cards. In fact, major U.S. credit card issuers including American Express, MasterCard and Visa, have established a deadline for businesses to adopt the technology (October 15, 2015). If a business isn’t using the technology by the deadline, it will be liable for any fraud-related loss. For example, if you own a business and use a traditional swipe-only terminal for a chip-enabled card, and that card is fraudulent, the fault is yours.
EMV technology elevates safety, but it also puts a greater burden of responsibility on those who accept payments. In the U.S., more than $10 billion in transaction fraud takes place annually, and that number is sure to be on the rise this coming year, with all the hacking that’s taken place recently.
While retailers typically make up a broad swath of the companies affected by credit card fraud, these new rules apply to any business that accepts credit card payments, from a small plumbing business to medical practices and law firms, and even non-profits. Everyone is affected.
What should you do?
The most important thing to do is get up to speed on the new technology. Resources like the National Retail Federation, Payments Source and even Costco have set up web pages and publications to help business owners make the transition to accepting EMV cards.
Installing the new systems is just one facet of accepting the payments, you’ll also need to train your staff on how to use the new technology, and help them understand how the system works.
Whether you own a mid-sized business or a huge operation it is important to consider how much exposure your business has to credit card fraud. Ascertain how much credit fraud you’ve experienced in the past, and consult some experts on how that fraud could increase over the next year, as well as the new risks you might face once the landscape of liability changes in October of 2015. Do everything you can to mitigate potential disasters, but also consider your insurance coverage for credit card fraud.
We’re happy to talk with you about coverage. Feel free to contact us if you’d like information on how forming an enterprise risk captive can help.