Retailers still face EMV issues

May 19, 2017

Photo: iStock.com

By Kisha Wilson, marketing manager, SlabbKiosks

Editor's Note: This is the second part of a two-part series that was originally published in Kiosk Marketplace, a Retail Customer Experience sister publication. 

Compliance with EMV (Europay, MasterCard, and Visa) is no longer a choice for businesses that accept credit cards. Card issuers will hold businesses liable for fraudulent credit card charges if their payment equipment is not EMV compliant, as described in part 1 of this two-part series.

But because of the difficulty that many businesses have faced trying to implement EMV, the card issuing companies have postponed enforcing the liability shift to give businesses more time to comply.

The goal of EMV is to help reduce counterfeit fraud costs for merchants who have not yet upgraded their POS terminals to accept EMV chip cards.

Credit card companies hold off on chargebacks

Visa and American Express announced policies last year to limit chargebacks for fraudulent credit card purchases under $25 — through April 2018. An analysis by American Express found that more than 40 percent of its counterfeit fraud chargebacks in the U.S. were for transactions under $25.

Visa said it would block all counterfeit-card chargebacks under $25 in July of 2016, and by October would allow banks to charge back only 10 counterfeit transactions per account, and will require them to assume liability for all transactions thereafter.

American Express announced that at the end of August 2016, merchants will not be held liable for chargebacks for counterfeit fraud for transactions under $25. In addition, by the end of 2016, the company planned to limit the number of counterfeit fraud chargebacks to a total of 10 per card account. The card issuer — not the merchant — will bear the financial liability for any additional counterfeit fraud transaction that is disputed on a card after 10 chargebacks. This limit does not prevent a card member from disputing additional fraudulent transactions.

The changes announced by both Visa and American Express will remain in effect until April 2018.

MasterCard, for its part, updated its fraud rules to minimize the cost to merchants that have not yet transitioned to EMV. The policies were designed to limit merchant exposure to excessive chargebacks on fraudulent accounts.

MasterCard does not systematically block chargebacks under $25. The company reported that its data indicated that card issuers were not actively submitting chargebacks under this threshold, given the operational costs of low-dollar chargebacks.

EMV transition challenges retailers

The credit card companies clearly want to support merchants in their efforts to reduce credit card fraud.

The transition to EMV, however, has taken longer than many people expected due to the cost and complexity of integrating the equipment with the software.

The State of Retail Payments 2016 Study by the National Retail Federation and Forrester Research reported that 57 percent of merchants have installed EMV equipment, but cannot enable it because they still are awaiting system certification. Of those, 60 percent have been waiting six months or longer.

Smaller merchants – which include most kiosk operators – have been slower to comply than the larger companies. Seventy-six percent of the 200 largest merchants are able to accept cards with EMV chips.

Merchants and kiosk operators shouldn't be disheartened or overwhelmed. Changes to current hardware and software may be needed to support a new system.

Payment equipment manufacturers have introduced a number of EMV-compliant devices. However, not all of the devices are able to interface with the card processors' software. EMV hardware uses more advanced encryption technology, which is more complex than magstripe technology.

The installation process could take as long as four to five months for setup, including staff training and beta testing.

How retailers can comply

The Ingenico Group, a payment equipment manufacturer, has cited the following steps needed for a business to accepting credit cards to become EMV-compliant:

  1. Invest in EMV-enabled smart payment terminals, mPOS solutions or kiosks. Consideration should be given to current hardware deployment, store count, POS capability and sales volume.
  2. Become EMV certified by EMVCo, the company that owns the EMV standard, and the card issuers from which the merchant will accept payments. The certification process could take several weeks to several months, depending on the business's size and complexity.

The certification process takes merchants through three levels.

Levels 1 and 2 focus on certifying payment equipment – both hardware and software.

Level 3, completed by the acquirer for some smaller businesses, involves end-to-end certification and covers conduct between the merchant and card brand.

The easiest way for businesses to begin the compliance process is to find a technology partner or expert they trust. The Ingenico Group's unattended partner program works with kiosk providers, system integrators, value-added solution providers and gateway providers to enable acceptance of all payment methods while delivering secure, EMV- and NFC-enabled unattended service solutions.

Kiosk providers offer options

Many kiosk providers are now building EMV-compliant kiosks, making EMV compliance easier for operators. Businesses interested in purchasing a kiosk can also stipulate EMV compliance as a requirement to their kiosk provider.

Chip card technology is by no means a panacea for credit card fraud, as it certainly does not address the fraud that occurs when credit card transactions are done by phone or online. This is why it is important to check credit card statements for fraudulent activity each month.

Many technology partners recommend added security measures like tokenization – a technology that eliminates the need for retailers to store sensitive data on their network. Apple Pay and Android Pay use this technology. Some credit card companies also offer their own versions.

Some experts believe two-factor verification or possibly an online form of EMV could be the solution for online sales checkout.

For the time being, we have seen what EMV technology can do, and it will become more effective if it is widely adopted. It is a step in the right direction that everyone must take.

EMV is being used successfully in many countries, including the U.K., Europe, Canada and Australia. The U.S. is the last developed major country to adopt the technology.


Topics: POS, Retail - General, Technology


Sponsored Links:


Related Content


Latest Content

Get the latest news & insights


NEWS

RESOURCES

TRENDING

FEATURES

TOPIC CENTERS



Featured Topic