Expert Column: How Grocers Can Safeguard Digital Payments
For years, the United States has lagged behind the rest of the world’s large markets in the adoption of Europay, MasterCard and Visa (EMV) technology to reduce magnetic-strip card-related fraud. Today, in the wake of massive and much publicized security breaches among U.S. retailers and increased card fraud losses, the United States is moving to widespread EMV adoption and the use of integrated circuit cards, commonly referred to as Chip-n-Pin or smart cards. By themselves, however, these regulations won't prevent all payment card fraud, nor will they mitigate the financial and brand risks associated with fraud.
The new technology is aimed at reducing card fraud resulting from counterfeit, lost or stolen cards. In addition to the transition costs -- and perhaps more importantly -- grocers could find themselves on the hook for fraudulent transactions that were previously absorbed by card issuers. This could prove to be a larger-than-expected financial liability for unprepared grocers, merchants and their executive leadership teams.
First Step
Payment security has gained the attention of CEOs and boardrooms alike, and is beginning to compete with e-commerce and customer engagement as the most discussed topic in the retail industry. The reality is that EMV adoption is just the first step toward a more cohesive payment acceptance and processing strategy, embracing mobile and online payment and customer engagement considerations, to complement a grocer’s core business strategy. The advantage is not just in terms of risk avoidance and mitigation, but also in terms of improved customer engagement through the true currency of digital payments: trust.
Most grocers may not understand the total amount of fraud they generate today via their transactions. While grocers are aware of -- and are currently liable for -- knowingly fraudulent transactions, this represents only a portion of total fraud now absorbed by financial institutions and card issuers. That's because card issuers build the cost of card-present fraud into their transaction model. The true amount of fraud is hidden from view and offset by the transaction costs charged to grocers.
Grocers using their current level of card-present fraud in future financial scenarios could be unprepared for the amount of fraudulent transactions billed back to them once the new rules are in place.
More Fraud Protection
While many grocers are focused on the purchase or upgrade of more secure POS terminals, successful EMV adoption requires more than a technology solution. And, although EMV is more secure than magnetic-strip cards, it won't stop all criminal card fraud activity. Beyond preparing for the immediate transition to EMV, grocers should consider additional fraud prevention measures to help avoid large security breaches, including network security, malware protection, end-to-end encryption, and tokenization of card data to render any stolen information unusable.
Other emerging needs include the resources, data and tools required to monitor, detect and manage fraud events. The banking industry has invested heavily in monitoring and alerts to detect and analyze fraud behavior, and grocers should now consider developing similar analytic capabilities. The analysis should encompass not only transaction fraud at the payment location, but also consumer buying behaviors and macro trends. As EMV gains wider adoption, fraud will move to other avenues such as card not present for e-commerce transactions, and emerging alternative payment methods. Including proactive monitoring and analytics in your payment strategy is crucial to protecting your customers and managing the risk to your brand.
The security of payment processing is important to customers, and the ability of grocers to secure payments will be an ongoing challenge. Developing an effective strategy is the first step in proactive planning, rather than reacting to regulatory and/or fraudulent events.