Why Merchants Must Mark October First
After October 1, liability for fraudulent charges will default to the least EMV-compliant party in the payments process. EMV, which stands for Europay, MasterCard and Visa, is a global standard for contact and contactless cards that contains computer chips and technology capable of authenticating chip-card transactions. What makes chip-enabled credit cards attractive is their security; unlike traditional magnetic stripe credit cards, chip-enabled cards are harder for thieves to hijack data from and then sell to be used for fraudulent transactions.
With organized crime rings and even low-level hackers focusing their efforts on the mag-stripe dependent U.S. market,1 all parties involved in the payments process are motivated to upgrade their technology to become EMV-compliant. For banks, this means issuing chip-enabled cards to cardholders by October 2015. For merchants, EMV compliance requires installing new terminals capable of processing chip-enabled cards, certifying the software those terminals run on, and training their employees to process payments with the new cards and help consumers use the new terminals.
Why Some Merchants Won’t Be Ready
Big box retailers and other national chains are likely to be ready for the transition—if they have internal resources needed for bringing their systems into compliance or are currently working with vendors that are managing the upgrade and certification process for them. Midsize or smaller merchants that lack the internal resources to certify their software and train their employees are going to have a difficult time managing the complexities of upgrading by the October 1 deadline.
EMV compliance requires a major infrastructure investment, and with the average terminal lifecycle at 5.2 years and the average age of a merchant POS system at 3.3 years, merchants caught in the middle are likely to wait.1
Can You Afford Not to be Ready?
Merchants that decide to enter the busiest shopping season of the year without being EMV-compliant are taking on increased risk; first, of being held liable for fraudulent transactions and second, of becoming targets for savvy data thieves.
Resignation is not the only option for merchants that aren’t ready now and fear they won’t be come October. If they haven’t already, retailers can and should start a conversation with their acquirers about EMV today and put a migration plan in place. That process can begin with a calculation of what reterminalization will require, both in hard costs and training time. Even if retailers can’t get the process finished before the busy holiday season hits, starting now and picking back up during the first quarter of next year is still a better option than waiting until next year to start.
This is the third post in a new series on EMV. Up next: The Fraud Impact.
1. Peterson, T., Fishman, J. EMVelocity: Outlook for POS Reterminalization and Mobile Payments. Aite Group, January 2015.