The Food Marketing Institute, the trade association representing the interests of supermarket chains and other food retailers, has asked the credit card industry to delay the deadline marking the shift in fraud liability from card issuers to retailers, many of whom who are not ready for EMV.
With U.S. retailers seriously lagging in their efforts to implement point-of-sale systems capable of accepting EMV chip cards, it was only a matter of time before many would seek an extension. FMI wants the October 2015 deadline pushed into 2016, which presumably takes into account the hectic fourth quarter when retailers are focused on making sales and when big changes in POS equipment would be untenable.
FMI sent a letter to Visa, MasterCard, American Express and Discover Financial Services in late March requesting the extension. The National Retail Federation and Retail Industry Leaders Association have also told the card issuers they want an extension.
"Regardless of how strong the commitment or how many dollars invested, the reality is that the system will not be ready to meet the card networks' arbitrarily-set mandate for the liability shift in October 2015," said the letter from FMI, written by Leslie Sarasin, FMI's president and chief executive, as reported in the Wall Street Journal late last week.
Unfamiliarity with the different processes involved in handling the cards will likely slow checkout times during the fourth quarter, she wrote, and there is a 16-week delay in delivering the new equipment to merchants.
MasterCard and American Express said they do not plan to change the date. Visa and Discover did not provide a comment for the WSJ article.
While 70 percent of U.S. credit cards and 41 percent of U.S. debit cards will be EMV-enabled by the end of 2015, 46 percent of merchants had not begun preparing for the EMV transition and 34 percent had never heard of it even three years after the initiative was announced, according to a study by the Aite Group published earlier this year.
Meanwhile, many credit card issuers will not have fully implemented the EMV technology by the October deadline, PaymentsSource reported. Although the changes in fraud liability will also affect banks and other institutions, they are spreading the migration expense out over time. "We expect to be nearly entirely migrated by the first quarter of 2016," said Jim Bell, senior VP of card services at Fifth Third Bank.
The card issuers' deadline has seen a subtle shift in the past year. While it was once said to be Oct. 1, most players, including the Smart Card Alliance championing the transition, now simply say "October, 2015."
The National Association of Federal Credit Unions is strongly opposed to FMI's request. In a letter to congressional leaders last week, NAFCU President and CEO Dan Berger said retailers should be subject to the same data security standards that financial institutions are required to adhere to.
"FMI's delay tactic is remarkable given the extraordinary number of merchant and retailer breaches that have occurred in recent months, coupled with the intense interest in preventing breaches from lawmakers and regulatory agencies," he wrote. "Despite the continued 'chip and PIN' rhetoric from groups like the National Retail Federation and Retail Industry Leaders Association, their large retailer members are contacting the payment networks and demanding an implementation delay. Congress should not be fooled by these groups' unscrupulous tactics and falsehoods."
The biggest retailer, Walmart, is said to be ready for EMV, but one of its executives criticized the new technology as "a joke." The "chip and signature" approach offers only a small improvement in the areas of security and fraud, said Mike Cook, Walmart's assistant treasurer and senior VP, speaking at last week's Electronic Transaction Association's Transact conference.
Walmart preferred the "chip and PIN" (personal identification number) system used in Europe and Africa, as PINs protect card theft. "The fact that we didn't go to PIN is such a joke," Cook told CNNMoney.
"Signature is worthless as a form of authentication," Cook said during a presentation at the conference. "If you look at the Target and Home Depot breaches... not a single PIN debit card needed to be reissued in those breaches. The card number was worthless to the individual thief and fraudsters, because they didn't know the PIN."
-See this Wall Street Journal article
-See this PaymentsSource article
-See this EMV Connection timeline
-See this NAFCU press release
-See this CNNMoney article
-See this Credit Union Times article
Banks worried that retailers won't be ready for EMV
EMV cards to see heavy use by year's end
55% of retailers not prepared for EMV migration
Retailers, banks spar over chip-and-PIN cards
Walmart banks on mobile payments, chip-and-PIN