Read on for all you need to know about the increased EMV security to combat card fraud and the EMV regulations update.
The times they are a changin’. On October 1st banks within the U.S. began implementing increased EMV security for all debit and credit card processing. In lieu of recent large-scale data breaches (think Target and Home Depot), this new security measure will combat card present fraud by shifting the liability to the merchants. EMV, which stands for “Europay, Mastercard and Visa,” is the global standard for computer chipped cards as well as the technology used to protect transactions.
For cardholders, this is as simple as receiving a new card from your bank that contains the EMV compatible computer chip (that small, metallic square). For brick-and-mortar stores, this is a much more demanding shift that requires merchants to provide the technology and systems necessary to process the chipped cards.
The reality is that fraud will never go away. While this new protocol focuses mainly on changes within the card-present environment, there are still some changes that online retailers should be ready for. The reality is that fraud will never really go away, instead we will see it shift elsewhere (online) as it becomes harder and harder to hack into retail systems. With increased CP security, CNP becomes more vulnerable to hackers.
Studies show that when other countries shifted the EMV regulations and liability laws, there was a drastic increase in online and card-not-present (CNP) scams. In the 10 years since changing EMV liability, the UK has experienced a 40% increase of CNP fraud. While we can’t be sure that the United States will experience the same 40% increase, at the very least we can be sure there will be an increase in fraud attempts.
For merchants, the best defense to these cyber-attacks is to make sure that you are fully prepared with a multifaceted and aggressive approach. Most payment processors will provide various security and authentication tools to help protect vendors, but there is still a fair amount of room for cyber-attacks. Educate yourself about the technology your payment processor already has in place, and don’t be afraid to stack on additional security tools such as tokenization, end-to-end data encryption, IP proxy piercing and geolocation.
Though it sounds obvious, it’s worth noting that fraud is bad for business. Fraud leads to chargebacks, dips in sales and of course, unhappy customers. Ensure that your business survives and thrives the ongoing changes within the payment industry by staying one step ahead of the bad guys.