- First steps with BASE24 Classic 442 views. What to expect when installing Base24-eps 438 views. Getting started with using Prognosis for BASE24 and BASE24-eps 406 views. BASE24 classic host.
- For as long as currency has existed, resourceful people have tried to find ways to profit by forging it. Soon after the introduction of the first coins in Greece around 600 B.C., the first counterfeiters went to work.
Since its introduction to the United States in 2011, EMV chip technology has dramatically:
- Improved credit card security
- Reduced in-store payment fraud
EMV technology has also allowed customers to use their cards abroad with greater convenience and confidence.
What are EMV credit cards, and how do they protect businesses and consumers from payment fraud?
The new approach requires stronger authentication on transactions that appear to be high risk without requiring cardholders to first enroll in the program. Based on the experiences of other countries that.
The Basics: What Does EMV Stand for?
Short for “Europay, Mastercard, and Visa,” EMV credit cards come with embedded “smart chips” that offer much greater protection against fraud than their traditional magnetic stripe counterparts.
How Does EMV Chip Technology Help with Payment Security?
The embedded security chips that come with EMV technology are very difficult to clone. To successfully complete an in-store transaction at an EMV-enabled card terminal, the original version of the card (and chip) must be physically present.
Most of the world had already graduated to EMV chip technology by the time it arrived stateside in 2011. Yet, to speed the transition to this more secure payment standard, the U.S. introduced new liability rules in October 2015. Merchants and card-issuing banks that didn’t make the switch to EMV technology would be responsible for any losses resulting from fraudulent activity. They would also be subject to punitive fines.
As of 2019, more than one billion chip cards have been issued to U.S. consumers.1
How Does EMV Technology Work?
EMV chip technology can store far more information than magnetic stripe credit cards. This technology allows these credit cards to hold encrypted data, which helps protect against in-store payment fraud. Better still, this encrypted data is dynamic, meaning the information can change over time.
Whenever EMV chip technology is used for an in-store payment:
- The customer “dips” his or her plastic into a chip reader at the point-of-sale (POS) terminal
- The EMV chip generates a unique transaction code that can never be used again (by anyone else)
These transaction codes prevent EMV credit cards from being compromised. Even if they fall into the wrong hands, fraudulent cards are unable to generate the proper codes.
Because the rest of the world has already adopted EMV chip technology, Americans who still rely on legacy plastic often face difficulties when they shop abroad. However, using EMV cards helps to remove restrictions when buying in-person from merchants around the globe.
Why EMV Chip Technology Continues to Rise
Many stateside businesses continue to move to the more secure EMV chip standard. As of 2019, over 3.7 million merchants now accept chip cards.2
Here’s why:
- EMV chip technology is inherently more secure than legacy credit cards. Instead of swiping a cloneable magnetic stripe at the point of sale, EMV cards must be dipped into or waved across a dedicated chip reader. Because these security chips are so hard to copy, in-person purchases benefit from much greater fraud protection
- With liability rules in place, card-issuing banks and merchants are both incentivized to make the transition to more secure EMV technology. Failure to do so exposes them to exorbitant fines if payment fraud occurs
- Most new EMV cards and chip-based readers come with near field communication (NFC) technology that allows for contactless payments. Rather than physically swipe plastic at the terminal, customers can simply wave their plastic across the reader – resulting in faster (and more secure) transactions
Although liability rules might be the driving force behind widespread EMV adoption, the transition is greatly aided by EMV chip technology’s enhanced security, greater speed, and unmatched convenience. Chip-enabled plastic is also the default payment standard for in-person transactions around the globe. This means that terminal manufacturers, card-issuing banks, merchants, and customers who haven’t already made the switch risk being cut out of the “sales” process.
What Equipment Is Needed to Accept EMV Chip Cards for In-Store Payments?
Getting started with EMV technology is a lot easier than most people realize.
As a consumer, all you need is a credit card embedded with an EMV security chip. Because most card-issuing banks ship EMV plastic due to the new liability rules, the majority of customers nationwide carry chip cards in their wallets.
As a brick-and-mortar merchant, you need a credit card machine that can correctly read EMV chip technology. However, this doesn’t mean investing in multiple terminals:
- Nearly all EMV readers come with a magnetic stripe slot for payments made via legacy plastic
- Most EMV terminals now come with NFC technology for contactless payments. This allows merchants to securely accept wireless payments made using EMV plastic or mobile wallets with stored credit card data
Even better, you don’t need to invest in a dedicated POS terminal to start accepting EMV payments. Clover Go, for example, allows merchants to turn their existing smartphones and tablets into portable credit card readers that can securely process payments made via contactless or EMV chip technology.
Does EMV Technology Affect Online Payments?
If you’re an eCommerce merchant, you can continue using your current payment gateway with no additional changes to your checkout flow. This is because there is no distinction between legacy plastic and EMV credit cards when shopping online. In both cases, customers initiate card-not-present (CNP) transactions that don’t require magnetic stripes or embedded security chips.
To ensure all of your online sales benefit from the ultimate in fraud protection, implement best practices to secure your eCommerce website.
A Brief History of U.S. EMV Technology Adoption
EMV chip technology is more secure than magstripe plastic. Still, making the shift to EMV payments proved to be very expensive for small businesses that couldn’t afford the necessary hardware upgrades to their POS systems.
In an effort to facilitate EMV technology adoption, fraud liability rules were altered in 2015 by U.S. credit card issuers:
- Mastercard
- Visa
- Discover
- American Express
After October 1, 2015, liability for in-store counterfeit fraud shifted to whichever side of a transaction wasn’t EMV-ready – either the merchant or the card-issuing bank. As such, non-compliance with EMV chip technology became more expensive than upgrading one’s payment environment. Adoption of the more secure standard began to go mainstream in the U.S.
Since these liability rules went into effect, in-store payment fraud has dropped significantly. U.S. merchants that made the switch saw counterfeit fraud plummet 87 percent between September 2015 and March 2019.3
EMV chip technology has proven so effective at combatting in-store fraud that, starting in April 2018, Visa, Mastercard, American Express, and Discover decided they would no longer require signatures to verify card-based purchases.4
Retailers can still optionally require signatures to verify a cardholder’s identity, but this is at their discretion. Dropping the signature requirement will ultimately help streamline the checkout process without compromising credit card security.
Payment Solutions That Tie to EMV Chip Technology
The most popular type of EMV technology comes in the form of a physical credit card that users must dip into a chip-enabled terminal. This payment option comes in other varieties as well, including:
- Contactless EMV cards
- Mobile EMV technology
- Wearable EMV technology
What Does EMV Chip Technology Mean for Merchants?
More than 3.7 million merchants now accept EMV chip technology.2 That number will only continue to increase as more businesses:
- Grow to appreciate how EMV technology can help reduce fraud
- Face penalties by not complying with the new liability rules
Merchants that don’t make the switch, however, will become easier targets for criminals. Because thieves tend to go after the lowest-hanging fruit, they will increasingly focus their attention on those businesses that continue to only accept magstripes.
What Does EMV Chip Technology Mean for Gas Stations?
The gasoline station industry has been slow to adopt the EMV technology standard – primarily because of cost.
According to industry experts, it will cost gas stations an estimated $6 billion to replace card readers. These upgrades often require that gas stations replace their pumps, hardware, and software to make the transition complete.5
Visa and Mastercard are requiring gas stations make the switch from magnetic stripe card readers to EMV readers at pumps by April 17, 2021.6 Gas station operators that don't meet the deadline may incur penalties, with liability for fraudulent charges transferring from financial institutions to station owners.
The fraud prevention movement should continue paying close attention to the growing pains that gas stations currently experience as they make the transition to EMV technology.
Why Every Business Needs EMV Credit Card Processing
The need for EMV credit card processing all comes down to a few key points:
First Post Emv Software Free
- Greater security and enhanced fraud protection
- Reduced risk of fraudulent losses, penalties, and litigation
- Peace of mind for patrons that their data will stay secure
Although making the switch to EMV chip technology isn’t free, the above benefits more than pay for themselves.
Should Customers Also Switch to EMV Chip Technology?
In one word: absolutely.
Just as EMV chip technology protects financial institutions and merchants, it also protects consumers. When a customer uses an EMV-enabled card or device at checkout, it never leaves his or her hand. This alone helps to reduce potential “in-house” fraud committed by an employee.
The unique transaction code that EMV cards create also provides peace of mind to users. They know they’re better protected from fraud and abuse when making in-store purchases using EMV chip technology.
EMV Technology with First Data
First Data is all about technology, collaboration, and customer service. We stand ready to handle the payment needs of all businesses, whether it’s to:
- Help smaller merchants understand how mobile wallets can affect their bottom line
- Educate large financial institutions how to manage EMV credit card manufacturing
Below represents just some of the EMV-enabled equipment options that mesh seamlessly with our PCI-compliant processing solutions.
1. Clover Go
Clover Go is perfect for anywhere your business goes. No matter where your business takes you, your customers are free to pay however they choose, whether it’s via:
- Apple Pay®
- Samsung PayTM
- Google PayTM
- Contact EMV chip cards
- Contactless EMV cards
2. Clover Station
The Clover Station is a POS system that allows business owners to run their entire business all from one convenient device.
Just like the Clover Go, the Clover Station is EMV-enabled and can also accept standard credit cards, debit cards, and contactless payment solutions.
If barcode scanners or other peripherals are needed to run your business, that’s no problem. You can easily add them to your Clover Station.
Protect Your Payment Environment with EMV Technology
The payments landscape is evolving rapidly, with many banks, merchants, and consumers understandably concerned about fraud.
Although there is no single solution that can completely protect against payment abuse, EMV chip technology is one of the most effective ways to help prevent in-person fraud.
Get information on how you can set up an EMV account with First Data, whether you run a:
Emv Chip Reader Writer Software
EMV is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.
- “Worldwide EMV® Deployment Statistics,” EMVCo.com
- “Visa Report: 3.7 Million Merchant Locations Accept EMV Cards,” ETA Transaction Trends, 9 September 2019
- “Visa: Chip Cards Reduce Counterfeit Fraud by 87 Pct.,” PYMNTS.com, 4 September 2019
- “Signature Optional!” Visa, 5 April 2018
- “EMV Conversion Is Costly, But Post-EMV Fraud Could Cost More,” Convenience Store News, 4 April 2019
- “EMV Deadline Moved to April 2021,” NACS, 4 May 2020
The expected 100% growth in card not present (CNP) fraud by 2018 threatens small and medium businesses as well as enterprises, and companies need to shore up their data and customer analytics now to stem the tide.
That’s a huge number, more than double the expected 2015 CNP fraud total, but history supports it. CNP fraud rates have gone up dramatically in every region that has already implemented EMV technology. Five-year rates for card-not-present fraud rose by 100% in the UK, 233% in Canada, and more than 360% in France after EMV adoption. How can US merchants guard against this incoming wave of CNP fraud?
Verify your transaction data. Work with a payment service provider that offers comprehensive tools for authentication of identity, address, and card data. That includes CVV and CVV2 settings. As more criminals move into CNP, it’s crucial that your business has access to the most up to date methods for spotting stolen card numbers and stolen identities.
In-house screening should also be more stringent and more focused on cross-border transactions. International transactions already carry a higher risk of fraud and chargebacks, and that’s expected to increase as part of the overall CNP fraud boom. When in doubt, call the customer and verify the data. Building detailed and up to date internal negative and positive reference files will speed up the manual screening process over time.
Analyze your customers’ behavior. Of course, skilled criminals can produce authentic-looking data to push a fraudulent transaction through. Behavioral analytics can combat that by evaluating customer behavior in real time. Carol Alexander of CA Technologies describes behavioral analytics as a form of “advanced authentication” because it can determine if the cardholder is really who he or she claims to be. People’s online behavior patterns usually don’t change dramatically, so a change in known cardholder behavior during shopping and checkout can flag a transaction for further screening.
Hide all transaction data. Now is the time to review your company’s overall data security practices, especially transaction data transmissions. Even if your company doesn’t store cardholder data, you can still be vulnerable to theft when transaction data is transmitted. Unless you’re compliant with PCI-DSS standards, you’re liable for potential fines of thousands of dollars per month if customers are victimized by a breach in your network. The easiest way to ensure ongoing PCI-DSS compliance is to partner with your payment service provider, who should be able to give you the tools and advice needed to validate compliance.
Other strong data-protection tools are tokenization and encryption—and merchants can’t just assume they’re automatically provided by their payment gateway. If your company doesn’t already use P2PE (point to point encryption) and tokenization, now is the time to talk with your payment processor about getting those tools implemented. P2PE shields your customers’ card data, from the point of interaction to the processor.
Tokenization adds another layer of security by removing the original card data from the transmission altogether and replacing it with tokens that are useless to anyone who manages to crack the encrypted transmission. Together, tokenization and encryption can help your company achieve PCI-DSS compliance, lower your risk profile, and protect your customers.
Adapt as the landscape evolves. Two-factor authentication was supposed to be a widely adopted tool for data security, but it creates friction that leads some customers to abandon their carts or pay by methods that don’t require the extra authentication step, and many cardholders never opt in. Now 3D Secure, the authentication protocol that underpins Verified by Visa, MasterCard SecureCode and Amex SafeKey, is moving toward risk-based authentication based on real-time analysis of transaction data. The new approach requires stronger authentication on transactions that appear to be high risk without requiring cardholders to first enroll in the program.
Based on the experiences of other countries that have adopted EMV, we know more CNP fraud is coming to the U.S. We know how to reduce it. And we know that CNP fraud is always evolving, so our anti-fraud practices must always evolve, too. Merchants and other players in the US payments system need to stay alert, batten down the hatches, and be ready to pivot as the fraud landscape undergoes big changes this fall and over the next several years.
Photo credit: