Today, security is often at the forefront of most people’s minds when they swipe their card. The recent security breaches at Home Depot and Target is fresh in the minds of consumers when they go out shopping. The chip and pin is heralded as the technology needed to thwart security breaches.
While other countries have adopted this technology, the United States continued to rely on magnetic stripe cards and is now slowly embracing EMV. Merchants should implement the EMV standards by the EMV Compliance Deadline in October 2015 that moves the liability between card issuers and retailers. EMV compliance is not mandatory but without adopting the standards, liability for fraudulent activity rests on the Financial Institution and merchant that has not upgraded their systems to be EMV compliant. If both have upgraded to support EMV, liability stays as is currently in place with mag-stripe. For example, if a consumer swipes an EMV compliant card at a merchant’s non-EMV compliant terminal, the merchant assumes 100% responsibility for the charge if it turns out to be fraudulent.
Financial Institutions Preparation
Financial Institutions need to start preparing for the EMV migration now as most experts point to a 9-12 month window of implementing new software into the field. A benefit of starting now is that your debit customers can begin to understand the change from their familiar mag-stripe to the chip. Customers should be informed of changes such as the requirement that your EMV Debit will be held in the ATM during the entirety of their ATM transaction.
Financial Institutions should begin incorporating debit EMV migration into their budget now. Consider the different business options available to work the new EMV debit cards into the market while mitigating cost. For instance, it is recommended for Financial Institutions to begin their debit EMV roll out to a pilot group of employees that can learn about the cards and share personal experiences with other customers. Financial Institutions can also examine their card re-issue schedule and begin to issue EMV chip cards to those customers with expiring dates or security compromises. By working chip cards into your reissue cycle now rather than waiting until the compliance deadline can help minimize the expense of reissuing all at once.
Educating your Customer
The consumer should know that EMV is not a bulletproof protection against all debit fraudulent activity. There are still inherent security failures in the system that can be compromised by diligent hackers. One of the major areas EMV does not address is a card-not-present transaction such as online shopping. Since Internet transactions are usually completed by entering a card number and not transmitting data through the chip embedded in the card, fraud can still occur.
Financial Institutions should be careful in regards to the methods used to educate their customers about EMV. Clear lines of communication should be available to customers so they are not scared into thinking they need to have EMV cards immediately. Customers should not be lead to believe that if their Financial Institution does not carry EMV right now that they should go out and find one that does. Communication between the customer and Financial Institution is the most important aspect for a seamless transition from debit mag-stripe to EMV chip. Educate your customer, don’t scare them.
As the EMV migration gets closer, be sure your plan includes: the cost and cycle in which you will be reissuing cards, a potential pilot program with employees and education to debit customers with the changes taking place at the ATM and when they will be expected to use pin vs. signature.