Card issuers pushing new system to fight credit card fraud.
by Phil Britt
Payment card issuers will be forcing merchants to take a more proactive stance against payment fraud by requiring that point of sale (POS) systems be able to meet so-called EMV standards, including the ability to accept chip-based cards, by Oct. 1, 2015.
Until that date, Visa, MasterCard, Discover and American Express will continue to absorb the losses from payment fraud, though merchants eventually pay for much of it in the form of higher interchange fees. After that date, the liability will shift to the merchants if they don't have EMV-capable POS terminals.
The information on the magnetic stripes on the back of most of today's cards can be easily copied and included on a cloned card, one of the major contributors to the estimated $17 billion U.S. annual expense of payment card fraud losses and fraud prevention, according to officials from Chicago-based CardTek USA, a payments technology company.
Chip-embedded payment cards, on the other hand, are nearly impossible to duplicate. The chips and terminals must meet EMV specifications (which stands for Europay, MasterCard and Visa, the three companies that developed the standard for the security chip).
The EMV standard has been in place in Canada and Europe for several years and is credited with significant fraud reduction, but pushback from merchants has prevented adoption in the U.S. Merchants have pushed back because most don't have POS systems that will accept the chip-based cards, and the upgrades can be very expensive. The card issuers have wanted implementation here for several years, and have delayed deadlines on a few occasions. But the massive breaches at Target, Home Depot and Jimmy John's have solidified their stance on the Oct. 1, 2015, date for implementation.
In late September, Home Depot said all stores will be equipped with such EMV-capable terminals by the end of 2014. Target is also hastening its implementation of the new POS systems.
Smaller merchants will wait, and some could decline to upgrade. If a merchant typically has very small charges, he or she may opt to accept the liability under the premise that absorbing the fraudulent charges will be less costly than upgrading to the new EMV-capable POS terminals.
However, providers of the POS systems point out that the new technology has slashed fraud where already implemented and will likely do the same in the U.S. Since the UK deployed EMV “chip-and-PIN” cards in 2004, overall card fraud in that country has fallen 32 percent, from [euro]504.8 million in losses that year to [euro]341 million in 2011, according to the most recent figures from the UK Card Association.
Additionally, the new POS systems will provide other advantages such as the ability to accept mobile payments, provide real-time reports, easily integrate with other systems and have other valuable features not offered by older systems.
Even the merchants who upgrade will likely delay the change to near the deadline due to the lack of chip cards on the market. Wells Fargo and some of the other major banks have just started to issue cards that have both chip and magnetic stripe technology. Discover officials said at a recent conference that the company is testing some chip-based cards at the corporate level, but the company has yet to announce when such cards will be issued to the general public.
While the EMV technology is expected to significantly reduce fraud, it will not totally eradicate it.
Federal Reserve Bank and payment industry officials, who discussed payment security and other related topics at a payments symposium in late September, agreed that there is no way to stop all payment fraud. But adopting EMV-capable terminals will likely prevent much of today's card-related fraud.
