Merchant compliance with EMV continues to grow. Since my article “EMV: Is Your Business Still at Risk?” EMV participation has grown from 35 percent to estimates as high as 60 percent. Unfortunately, that still leaves almost half of merchants on the hook for fraudulent transactions. How we get that other 40 percent to convert is the next big task.
Causes of Non-compliance
I was talking with a colleague and he told me about a cab ride that he recently took. The cab driver had an EMV-compliant Square terminal in his cab. If a cab driver has an EMV capable device, why don’t all merchants have them? The easy answer is the cost. Terminals and POS systems in retail settings are expensive. Indeed, fueling stations are getting an extra year’s reprieve because the cost of changing out entire pumps, as is necessary in many cases, is huge.
But cost isn’t the only reason for non-compliance. Some merchants don’t understand the risk they assume when a customer makes a transaction with an EMV-compliant card and they don’t process it as an EMV transaction. The POS they have works – why change it?
A good reason to update is that non-compliance can be catastrophic to a small merchant who is targeted by fraudsters. If someone told you that you need to update your software on your computer because you’re going to be hacked and lose all of your files, you might update it. But until disaster strikes, some people don’t want to spend the time or money to make a change.
On the processor side, some are lagging in providing small merchants with EMV compliant terminals or POS devices, or, if merchants have their own POS devices, integrating them with the processor to pass EMV transactions. In the rush to get a large swath of big retailers compliant, some small merchants have been missed. If you’re one of those merchants, you need to put pressure on your processor to provide the equipment or the software you need to enable EMV transactions.
Getting More Merchants Compliant
On the other side, in an effort to pressure more merchants to become compliant, processors are now using punitive measures. Some have even turned to charges for non-compliance, similar to what they did to improve PCI compliance. This approach has been successful at getting people’s attention as they look to eliminate the charges from their monthly bills.
Growing awareness of EMV also is contributing to increased compliance. Merchants are also consumers who shop and are exposed to EMV compliant systems. If a competitor down the street can process an EMV transaction, they are more inclined to keep pace.
As EMV becomes the norm rather than the exception, consumers expect to dip their chip instead of swiping. A “soft benefit” of that is the sense of safety consumers get by making a transaction with a chip card, even though it’s actually the merchant benefitting from the added fraud protection. As consumers acclimate to EMV, I’ve noticed less fumbling and grumbling at the POS. Dipping is becoming just another step in the evolution of how people pay with credit cards – evolving from the old-school carbon copy readers to swiping and now dipping.
To use a football metaphor, we’ve moved from the 25-yard line all the way down to the 60-yard line, but we’re not yet at the goal line.
Remember, as more merchants become EMV compliant, the bad guys don’t go away. They just move to a new neighborhood. If you don’t want them as your next door neighbors, you need to take action and call your processor.