Banks are concerned that many retailers, especially smaller ones, won't be ready to transition to the EMV chip cards later this year. Liability will shift from the card issuers to the retailers and banks in October if retail point-of-sale systems and banking methods aren't EMV-compliant.
Banks or retailers, the blame will fall upon the party that is least EMV-compliant, and while many large retailers will be ready, smaller businesses are becoming a cause of concern for the banks. As a result, some banks are moving slowly on EMV, anticipating retailers' lack of readiness.
For example, if a store that isn't EMV-compliant sells an expensive item to a person using a fraudulent card, they will be responsible for the charge, and not the issuer, as has been the case in the past. Such a financial hit could have significant consequences for their business, but it could also make the bank look bad, reported American Banker.
"I don't want to see headlines saying, 'Big Bad Bank Put Mom's Pizza Shop Out Of Business,'" said David Pollino, senior VP and enterprise fraud prevention officer at the Bank of the West. "But it's coming if merchants don't take it seriously."
EMV stands for Europay, MasterCard and Visa. It is a global standard for the inter-operation of integrated circuit cards (IC cards or chip cards), and IC card-compatible POS terminals and automated teller machines. It authenticates credit and debit card transactions.
Because EMV cards are embedded with microchips, they are seen as being more secure than magnetic stripe cards. Fraudulent purchases using fake or stolen cards resulted in $3 billion in losses at the retail point of sale in 2014, according to the Aite Group. That number would decrease with the EMV cards, proponents said.
However, the Aite Group reports that 46 percent of merchants have not begun preparing to accept EMV cards, while 34 percent said they had not heard of the transition to EMV cards.
Another study issued last week by The Strawhecker Group showed that only 34 percent of U.S. merchants will be ready for EMV by the October deadline, with 53 percent of merchants being fully compliant by 2017.
"The marketplace has reached a critical point," said Ken Oros, senior associate at TSG. "Many merchants lack awareness of the EMV mandate or may be hoping to avoid future liabilities. While hurdles are indeed present, merchants can no longer avoid having specific security measures in the face of the rising number of data breaches."
With the low compliance rate expected by October, there is speculation that the deadline will be pushed into 2016. "I know several of the merchant acquirers surveyed left comments hoping for a delay," Oros said. "It will be interesting to see what happens as the industry approaches October."
The EMV Migration Forum has produced a document outlining the minimum requirements for chip deployment for issuers and merchants. The EMV Minimum Requirements Matrix is intended for issuers, merchants, acquirers, processors and vendors that are planning EMV chip program deployments in the United States. The document is a tool for stakeholders to use as a baseline from which they can work with their partners to determine their best strategy to meet requirements as the fraud liability shift approaches, according to a statement issued by the EMV Migration Forum.
-See this American Banker article
-See this press release from The Strawhecker Group
-See this EMV Migration Forum press release
-See the EMV Minimum Requirements document and matrix
EMV cards to see heavy use by year's end
55% of retailers not prepared for EMV migration
Retailers, banks spar over chip-and-PIN cards
CES: Personal security concerns spur new credit card products
Walmart banks on mobile payments, chip-and-PIN