-
Large banks and card issuers are ready for the U.S. shift to chip-and-PIN technology, according to a report issued Wednesday. But the drop in fraud that is expected to result is unlikely to come any time soon.
March 18 -
Smaller banks need to develop detailed marketing plans to reach out to cardholders, while also working with their processors to prepare for the transition to EMV cards.
March 12 -
Decisions about when and how to implement EMV technology in credit and debit cards are difficult. Many banks have decided to slowly phase it in, despite the fact the delay will open them up to greater potential liability.
February 18 -
ICBA Bancard has allocated nearly $600,000 to support community banks as they navigate the transition to EMV chip-and-PIN cards this year, the wholly owned payment services subsidiary of the Independent Community Bankers of America announced this week.
March 4
It's November 2015 and the owner of an upscale women's clothing store has just learned that the $1,500 dress she sold earlier in the week was purchased with a fake credit card.
Two months earlier, the issuing bank or the credit card network might have covered the store's loss, but because the owner had yet to upgrade the security of her credit card readers, she must now absorb the loss herself.
It's a hypothetical scenario now, but one that could become a reality for retailers come Oct. 15. That's when major credit card networks expect banks and retailers to adopt new technology known as EMV as a way to minimize theft of card data. After that date, liability for fraud shifts from the card networks and issuing banks to whichever party in a transaction the bank or the retailer is the least EMV-compliant.
Small merchants in particular are in no hurry to install EMV card readers, contending that losses from counterfeit credit cards are minimal. Moreover, many merchants only recently replaced their equipment to make them compliant with card industry security standards, so they are reluctant to swap out equipment again, says David Matthews, general counsel of the National Restaurant Association. "For small restaurants in particular, margins are so low that to do capital expenditures, especially on something that is not broken, is not something they want to do," Matthews says.
That foot-dragging concerns some bankers, who fear that they could end up looking bad if a small business is victimized by fraud and is then left to absorb the loss. "I don't want to see headlines saying, 'Big Bad Bank Put Mom's Pizza Shop Out Of Business,'" says David Pollino, senior vice president and enterprise fraud prevention officer at the $71 billion-asset Bank of the West in San Francisco. "But it's coming if merchants don't take it seriously."
EMV cards are embedded with micro chips and are widely viewed as being more secure than magnetic-stripe cards. While stolen data is more common with online purchases, thieves still pilfered an estimated $3 billion from retailers in 2014 using fake or stolen credit cards at the point of sale, according to Aite Group. EMV proponents say that figure would decline sharply if all cards used chip technology.
Still, according to a recent Aite Group survey, 46% of merchants said they had not yet begun any preparations for EMV acceptance. Moreover, 34% said they had never even heard of the U.S. migration to EMV cards.
Liz Garner, a vice president at Merchant Advisory Group, a Minneapolis trade group that represents 85 of the nation's largest merchants, says that her members are still waiting for the card networks to publish testing specifications for certifying merchant technology as EMV-compliant. "But even if the merchants had specs in hand right now, there's no way to get everybody on speed, certified and go live by October," she says.
Bank of the West's Pollino warns that merchants could be exposing themselves to huge chargebacks if they miss the Oct. 15 deadline.
The restaurant group's Matthews says most of its members aren't too concerned because they typically sell low-ticket items and chargebacks at that level aren't "significant" compared to, say, the losses a consumer electronics retailer might suffer.
"They just don't have enough counterfeit experience to make them as afraid as you think they should be," he says.
While the rest of the world has embraced EMV, perhaps the United States could leapfrog to adopting even more recent technology instead, Matthews suggests. "We do believe tokenization and point-to-point encryption offers the most secure solutions."
There's also concern that the EMV upgrades would do little to thwart "card-not present" fraud, essentially online or phone purchases using stolen data.
Even smaller restaurants are utilizing CNP transactions to enable customers to order online for later pickup or delivery, Matthews says. As such, many would rather just wait and adopt EMV technology when it becomes more widely available.
The Merchant Advisory's Garner is more blunt: "What's the point in implementing this now when the methods are likely going to be changed again?"
Implementing EMV chip now would be "extremely costly, extremely disruptive and extremely complex across the board," she says. "With our folks there is a lot of uncertainty of its value, because of the availability of other types of technology that are better."