Will Retailers be Ready for EMV by Oct 2015?

Posted by:


In October 2015, the much-discussed Payment Networks’ Liability Shift associated with EuroPay, MasterCard, and Visa (EMV) is due to take effect in the United States. It’s a major milestone for financial companies (meaning banks and credit unions), credit card issuers, retailers, and more. There is a great deal of information, and misinformation, afloat regarding the US EMV migration roadmap as presented by the Payment Networks. Shedding some light on the realities involved is helpful for everyone concerned.

There are an estimated 1.24 billion payment cards and 15.4 million POS terminals currently in use, most of them in other countries. Making global financial transactions work across many cards and devices are smart chips embedded within new EMV-compliant credit and debit cards. These chips make interfacing with the various POS terminals possible. However, the EMVCo standard has yet to be adopted globally, a situation that the Payment Networks’ EMV migration roadmap for the US intends to correct. To date, Europe, Canada, Latin America, and the Asia/Pacific region are all well on their way with migrating from the legacy magstripe standard to EMV chip card technology. The U.S., the world’s single largest user of payment cards, has just begun the process. However, the potential impacts of being the last bastion of magstripe technology is forcing U.S. financial entities to take the idea seriously.

The main driver behind the EMV migration is card-related financial fraud. Despite the best efforts of global law enforcement agencies, global losses have risen steadily, increasing pressure to find a global solution. Annual costs of card fraud in the U.S. alone are estimated at $8.6 billion per year. Experts believe that figure will rise to $10 billion or higher by 2015, especially if the U.S. does not make significant progress with chip card adoption.

The rising cost of fraud is accompanied by a concurrent rise in mobile payments. In 2010, the total gross dollar volume of mobile payments in the U.S. alone was $16 billion; some experts expect this volume to rise to $214 billion by 2015. If ever there was a time to ensure compliance with a global chip-compatibility strategy that reduces fraud, it’s now. This is especially true in light of the fact that many countries are now considering banning traditional magnetic stripe cards, a technology standard in use for over 40 years.

It’s estimated that 40% of the world’s cards and 70% of its terminals deployed outside the U.S. are today using the EMV standard. Visa, a prime mover in the US migration to EMV, states that the pace of EMV-adoption is accelerating globally, estimating that right now, 62% of transactions conducted across international borders involve a chip-enabled card used at a chip-enabled terminal. Currently, our government is content to let the financial industry set its own course- but that hands-off approach may not last long.

One key component in the EMV discussion is its accompanying liability shift. This liability shift means that those issuers and merchants using non-EMV compliant devices that choose to accept transactions made with EMV-compliant cards assume liability for any and all transactions that are found to be fraudulent. MasterCard defines the liability shift this way: The party, either the issuer or merchant, who does not support EMV, assumes liability for counterfeit card transactions. Understand that by issuer, the card companies do not mean themselves; the term refers instead to banks, credit unions, and any other financial institution issuing credit or debit cards.

Liability is an emotionally charged power word with potentially huge and disturbing ramifications. Still, the threat of assumed liability does not mean that entities involved in card-based transactions must move toward EMV compliance immediately. What it does mean is that issuers, acquirers, merchants, and others must start planning their course of action. For some, like ATM acquirers for which cross-border EMV transactions are minimal, accepting the risk imposed by the liability shift in favor of implementing compliance later might be the best strategy. For others, some EMV-related implementation is essential, so planning must begin soon, if it’s not underway already.

Funding that implementation of EMV-compliant cards and devices represents a major expense item. Courtesy of Javelin Strategy & Research, here’s a big picture look at potential costs involved in achieving EMV compliance in the U.S.:

Cost of migrating to EMV

No matter how you slice it, $8.65 billion is a big number, however, there is a positive aspect to this. Earlier in this post, I pointed out that by 2015 it is estimated that the annual cost in this country for card-related fraud is $10 billion. If companies commit to the $8.65 billion spend in 2014, then fraud-related costs for 2015 could drop exponentially. With improved EMV-compliant technologies and continued reduction in the frequency of fraud thanks to intensified law enforcement efforts, improvements should continue, adding up to a positive ROI.

There are other advantages worth noting:
• Many of the ATM manufacturers have already changed over to EMV-compliant technology, reducing costs on this front.
• Chip-enabled cards, while initially more expensive to produce, have a longer shelf life than magnetic stripe cards, as well as being capable of ‘flash-updating,’ lowering their costs over time.
• VISA offers merchants who make the conversion an incentive package, relieving some of the financial burdens on that side.
• Adoption of EMV-compliant cards and devices is seen by many as a step toward wider adoption of mobile payment methods.

So where do we stand today?

• According to EMVCo, 1.55 billion EMV cards- accounting for 41% of the total payment cards in circulation worldwide- have been issued as of Q2 2012.
• It also reports that 18.7 million EMV-compliant POS devices- accounting for 71% of the total number- were installed in Q1 2011.

This chart, courtesy of EMVco, provides a quick glance at how far along adoption is in other countries:

EMV adoption in other countries

As far as timelines for compliance, the main entities behind the EMV Mandate have individualized their requirements. Courtesy of the SmartCard Alliance, here is a chart listing their timelines:

Timeline for EMV Milestones

These dates make one thing clear: While EMV may not impact your business today, it soon will. Are you prepared?

Jeff Carelli

Jeff Carelli

Jeff Carelli leads the Credit/Fraud product group. With over 15 years of experience in the Payment Card Industry, Jeff’s knowledge in Credit and Fraud Solutions has been very valuable to FIS Global.

More Posts

Follow Me:
TwitterLinkedInGoogle Plus

2
  • Pingback: Tokenization: Introducing a New Global Standard? - Total Payments : Total Payments

  • MyrddinWilt

    The cost of deploying EMV is probably greater than the annual fraud losses.

    But the reasons that EMV deployment is inevitable are (1) card fraud is a major source of funds for organized crime and terrorism, (2) the costs of dealing with the fraud falls on the public purse and the government does not want to continue to pay for investigating and prosecuting preventable fraud or locking up the convicted criminals and (3) Target and Home Depot are fed up of the banks making their rubbish card security model their problem.

    I think Home Depot is going to be litigating any attempt by the banks to hold them liable for the data breach. It was the bank’s own negligence that made it possible.