When a counterfeit credit card is used at a store’s checkout nowadays, the bank issuing the plastic takes the loss. But starting in October 2015, the liability shifts to U.S. retailers. In other words, they will be financially responsible for fraudulent transactions. To be prepared, merchants will need to upgrade their POS terminals to accept Europay Mastercard Visa (EMV) cards that have an embedded chip designed to protect consumer data.
Getting ready to accept chip cards has certainly been a hot topic of conversation in retail circles recently. Merchants have replaced or upgraded POS systems. So retailers are ready, right? Maybe.
A poll by Boston Retail Partners concluded that 650 percent more retailers will support EMV by October. That sounds promising. But another survey of 200 retail industry professionals taken by ACI Worldwide at the National Retail Federation (NRF) trade show in January found that almost one quarter of respondents are still not fully prepared for the migration to chip and PIN technology. Of the retailers surveyed (55 percent of total respondents), 14 percent say they still have work to do, 19 percent are not prepared, and 22 percent are still evaluating their options.
Evaluating their options? What’s there to evaluate? Either POS terminals are EMV enabled or they aren’t. If the latter, the retailer is responsible for the loss if a counterfeit credit card is accepted and processed at checkout.
I am told that introducing EMV chip payments is not a simple change in card technology. FIME America, a payment consultancy, calls it “a paradigm shift of the payments ecosystem, as the chip introduces transaction, processing and system requirements that are fundamentally different from magnetic stripe.”
If that doesn’t sound challenging enough, consider this: the checkout cashier will be on the front lines of interacting with shoppers fumbling with the chip cards for the first time. I say “fumbling” because shoppers won’t be swiping cards the same way they swipe mag-stripe plastic. They will have to insert the chip card into an EMV-capable terminal, and leave it in. Cashiers will need to be trained to help shoppers and remind them to take the card after the transaction is complete.
Many retailers have not experienced the problem of financial responsibility for fraud. Without EMV-equipped terminals, they will. To make sure that never happens, the folks at First Data sent me some action steps to share with the readers of Progressive Grocer:
1. Start updating your technology. Is your current point-of-sale system (POS) EMV compliant? You may want to call your provider to check.
2. Learn the correct process for accepting an EMV-enabled card. Unlike your standard debit and credit card, EMV cards must be inserted into the POS. This can be tricky for customers using them for the first time.
3. Reach out to your financial institution or payments processor to learn more about how to prepare.
4. Remember that EMV isn’t the only way to protect your business. First Data recommends a layered approach to security – including encryption and tokenization.
Upgrading POS terminals for EMV reminds me of what happened several years ago with the transition to the GS1 DataBar on printed coupons. Product manufacturers embarked on what became a drawn-out affair by first printing coupons bearing the traditional UPC Prefix 5 barcode plus the new expanded stacked barcode. A deadline was set to remove the old barcode. But the deadline was pushed back several times because not enough retailers upgraded their POS systems in time to process the DataBar on coupons.
Finally, after five years, the traditional UPC Prefix 5 barcode will not be used on printed coupons distributed after June 30, 2015. Finally, all POS systems in grocery stores are presumably ready.
Will this history of fluid deadlines be repeated with the October deadline for EMV compliance? I doubt it, but I could be wrong.