by Amy Arcuri
If you are like me, you have been hearing some scary information about this thing called EMV. You are probably hearing various stories about what is going to happen this year; particularly what will happen on October 1st this year. Sorting through all of the information is overwhelming, especially when you hear things from seemingly knowledgeable sources. To be clear, I’m not the best source on the topic of EMV, but I’m a good start in that I know the basics, I have your best interest in mind, I’m not selling equipment, and, most importantly, I have access to great sources that can get us the latest factual information.
This article is a very general overview of the EMV subject, and it won’t answer all of your questions. If you are using the BPAA-First Data Smart Buy program, you will learn more from reading this than those that are processing with other companies. That is not because I’m withholding information on the other companies, it’s because I don’t have the information. Every processor is handing the EMV matter differently. I recommend that you reach out to your current processor and get armed with facts from reliable sources within the company on how they are handling EMV readiness. Reliable being the keyword! Generally speaking, you don’t want to rely on a POS equipment salesperson for facts, and sadly this is true even with Smart Buy partner First Data. While we all know this shouldn’t be the case, not everyone within the processing companies (including First Data) knows what’s happening with EMV, and not everyone within the processing companies (including First Data) has your best interest in mind when they are trying to make a sale on equipment.
So with that in mind, here are the basics on a topic that is anything but basic.
EMV (Europay, MasterCard, VISA) is a technical standard that ensures chip-based payment cards (also known as smart cards) and terminals are compatible around the world. A chip-based payment transaction occurs when a microprocessor embedded in a plastic card or mobile phone connects to an EMV-enabled POS terminal (either contact or contactless) in order to execute a payment. The smart card technology provides an additional form of card authentication for the transaction—validating the legitimacy of the payment type being used and helping reduce the use of counterfeit, lost and stolen payment cards at retail points of sale.
By 2015, the total costs of fraud in the U.S. will be an estimated $10 billion per year. In an effort to reduce fraud exposure and the likelihood of you and your customers becoming victims, processors (like First Data) have adopted EMV technology to provide more secure transactions. EMV, along with encryption and other Integrated Token Services can provide a multi-layered security solution that provides data security across the entire payment process for customers, issuers and merchants.
October 1, 2015, is the date you have heard — the date that alarms centers — the date that some salespeople are using in their attempts to get you to buy expensive new equipment. It’s becoming the date that sales people are using to get you to move your entire processing to another company with promises of free or inexpensive EMV capable equipment. The October 1, 2015, date is quickly becoming the doomsday date, because many merchants think it is the date they will no longer be able to take credit cards — the date their current machines will magically cease to work.
The truth is that the October 1, 2015, date means that any party that has become EMV ready is protected from fi nancial liability for card-present counterfeit fraud losses. And of course the opposite is true: any party that has not become EMV ready is NOT protected from fi nancial liability for “card-present” counterfeit fraud losses. “Any party” means the issuer, the processor or the merchant. The issuer is the institution that provided your customer with a credit card. The processor is the company that processers the transition (like First Data). Of course, the merchant is your bowling center. If the issuer isn’t providing smart cards with chips to their customers (some are not), the fi nancial liability is on the issuer. Yes, there WILL be cards used in your center after October 1 that are not smart cards with a chip.
If the processer isn’t able to process EMV transactions when an EMV card is used on an EMV terminal, the liability will be on the processor. In First Data’s case, they are EMV ready.
Now, here is where you need to pay attention. If the merchant is not using an EMV ready POS terminal when a customer presents a smart card with a chip, the merchant is liable for fi nancial damages if fraud occurs during that transaction.
So let’s be clear about the October 1, 2015 date:
There is no government demand or law that requires merchants to be EMV ready by October 1, 2015. Your credit card terminals will not stop working on October 1, 2015.
If you are not EMV ready, First Data (and likely other processors) will continue to do business with you on October 1.
I’m not sure this should be calming news. The fear of magnetic machines not working on October 1 is tiny compared to the fear that you will be to blame if a smart card with a chip is compromised when you swipe it on your magnetic machine.
I get a lot of calls about the October date. As soon as the caller hears the facts I listed above, they seem resolved to put off the purchase, because they will still be functional. I tell the caller that it’s not a good idea, because you may be functional, but it will be in a pretty dysfunctional environment. Dysfunctional because issuers do not want the fi nancial liability, so they are rapidly supplying their card holders with the smart card with a chip. Many smart cards will be used at your center. Each time you swipe one of these smart cards in your magnetic swipe you are basically saying: “I hope there is no data breech of this credit card number during this swipe, but if there is, I’ll pay for all of it”.
Right now the issuer of the card is responsible for the fraudulent purchases of the criminals that steal card information. After October 1, you will be responsible if the fraud happens in your center, because a smart card was used on your magnetic swipe machine.
I know, I sound repetitive, but it’s so important. I don’t want centers to think they shouldn’t get an EMV terminal just because I’m setting the record straight about October 1.
True, the investment of new processing equipment won’t be noticed by your customers, but the lack of the investment could be noticed by the wrong people.
An EMV ready terminal will have the traditional swipe and an additional slot where smart cards with the chip will be inserted by the owner of the card and left in the slot during the entire transaction. Since not all cards will be smart cards with the smart chip, your staff will want to look for the chip. The chip will be clearly marked on the front of the card. Once they see it’s a smart card with a chip, they will instruct the card holder to insert the chip card into the slot when the terminal prompts. Some cards will prompt for a pin automatically and some will ask for a signature.
Engage in fact-based conversations with all of your Point of Sale (POS) providers to understand their strategy for becoming EMV compliant. M any centers have multiple providers of POS terminals. Make sure you understand their plan to be EMV ready, so you are not liable if fraud occurs after October 1.
If you are not with First Data, who is already EMV ready, discuss with your processor when they will be ready for EMV smart card processing and discuss other ways you can reduce fraud and data theft risks as part of a comprehensive payments security plan.
If you are with First Data, purchase their EMV ready terminals or pin pad and learn how they work. If you are on the BPAA-First Data Smart Buy program, you can purchase the FD130 for $499. This terminal has its own pin pad. Centers that already have an older FD terminal only need to purchase a pin pad for $189, with the exception of the FD55, which will not accept the pin pad. The BPAA-First Data Business Consultant is Linda Ladner: offi ce 770-618-6764 or linda.ladner@fi rstdata.com
Like it or not, some form of EMV will eventually come to the U.S. marketplace permanently, and your bowling center is a key player in this very serious game. Since things will no doubt change as EMV continues to invade your space, stay educated with facts and don’t believe everything you hear. Sales people will make up stories to gain your confi - dence and even people with good intentions can confuse the issues.
The following are good sources to learn more about chip technology and related security measures for the payments industry:
First Data white paper: EMV in the U.S.: Putting It into Perspective for Merchants and Financial Institutions
Card Payments Roadmap in the United States: How Will EMV Impact the Future Payments Infrastructure?
The Mobile Payments and NFC Landscape: A U.S. Perspective