The October 2015 deadline to implement EMV payment technology has long passed, but still 42 percent of retailers have not updated their systems in spite of the increased risk of liability.
Thanks to the Visa- and MasterCard-backed initiative, individual retailers are now liable for fraudulent card purchases made in the United States. There are roughly $8 billion in fraudulent card purchases each year, according to CardHub, which puts retailers at a high degree of risk.
Target was forced to pay out roughly $329 million in expenses following its data breach in 2013. Not surprisingly, Target is among those retailers now fully EMV compliant and reached that milestone ahead of the deadline.
Close to 43 percent of retailers that have experienced data breaches in the past five years still have not updated their terminals, according to a new survey by CardHub.
Ask at checkout, and the reasons given vary from a shrug to an assurance that the store is is checking signatures to offer added protection. But few shoppers are likely asking—56 percent of shoppers don't care if a retailer's payment terminal is enabled and 41 percent don't even know if their card contains a chip, according to the study.
Many large retailers are EMV compliant. CardHub surveyed companies and found that Walmart, Target, The Home Depot, Macy's, Walgreens, CVS and Best Buy were 100 percent compliant as of March.
Most however, are in state of transition or have yet to begin implementing changes. Several have experienced data breaches—including Kmart, Albertsons, Supervalu, Staples, BeBe and Neiman Marcus—but are still not fully compliant.
Only 60 percent of the retailers that had pledged to complete terminal upgrades before Oct. 1 have done so.
-See this CardHub study
Why retailers must be leaders in EMV chip card adoption
Target: Timeline of a data breach
How to keep EMV confusion from ruining Christmas
Cyber security affects consumer holiday spending
Retail security issues move from CIO to the C-suite