As Americans, swiping the magnetic strip of a credit card to complete a transaction is a familiar ritual. However, shifts in industry and government will soon render swipe-and-sign transactions extinct. In short, swipe-and-sign is simply not as secure as the chip-and-PIN method, where the card is inserted and a microchip is read. For a variety of historical reasons, America has lagged behind the rest of the world in shifting to chip-and-PIN technology.
After the high-profile credit card data theft from retailers Target and Neiman Marcus, the major credit card brands have announced plans to change chargeback rules, effectively shifting liability for certain fraud to merchants and their acquirers, if they haven’t implemented EMV-secured ‘chip-and-PIN’ systems by Oct. 1, 2015. Currently, card issuers are mostly liable for counterfeit card fraud losses. The liability shift is meant to encourage merchants and card issuers to quickly adopt the more secure EMV technology. Some brands are even offering incentives like reduced chargeback fees for merchants who switch to EMV technology. Additionally, President Obama issued an executive order in October, 2014, requiring government systems to update to EMV systems by January, 2015.
What does this mean for your business? If you have not installed EMV-enabled terminal, virtual terminal, mobile device or point-of-sale system, you may be liable for fraudulent transactions beginning October 1, 2015 if an EMV card is presented but the merchant chooses to process the payment using the magnetic stripe instead. Making the switch now will prevent significant liability exposure beginning in October 2015.
Some helpful resources for businesses include: