Liability Shift – Are You Getting Ready for EMV Technology?


Liability Shift
Are You Getting Ready for EMV Technology?

What is EMV Technology and how will it affect you and your business?

Quoting (excerpts) from Wikipedia:

EMV, which stands for Europay, MasterCard, and Visa, is a global standard for inter-operation of integrated circuit cards (IC cards or “chip cards”) and IC card capable point of sale (POS) terminals and automated teller machines (ATMs), for authenticating credit and debit card transactions.

The purpose and goal of the EMV standard is to specify interoperability between EMV-compliant IC cards and EMV-compliant credit card payment terminals throughout the world. There are two major benefits to moving to smart-card-based credit card payment systems: improved security (with associated fraud reduction), and the possibility for finer control of “offline” credit-card transaction approvals. One of the original goals of EMV was to allow for multiple applications to be held on a card: for a credit and debit card application or an e-purse.

EMV chip card transactions improve security against fraud compared to magnetic stripe card transactions that rely on the holder’s signature and visual inspection of the card to check for features such as hologram. The use of a PIN and cryptographic algorithms such as Triple-DES, RSA and SHA provide authentication of the card to the processing terminal and the card issuer’s host system. The processing time is comparable to online transactions, in which communications delay accounts for the majority of the time, while cryptographic operations take comparatively little time. The supposed increased protection from fraud has allowed banks and credit card issuers to push through a ‘liability shift’ such that merchants are now liable (as from 1 January 2005 in the EU region) for any fraud that results from transactions on systems that are not EMV capable.[4]

Although not the only possible method, the majority of implementations of EMV cards and terminals confirm the identity of the cardholder by requiring the entry of a personal identification number (PIN) rather than signing a paper receipt. Whether or not PIN authentication takes place depends upon the capabilities of the terminal and programming of the card.

In many countries of the world, debit card and/or credit card payment networks have implemented liability shifts. Normally, the card issuer is liable for fraudulent transactions. However, after a liability shift is implemented, if the ATM or merchant’s point of sale terminal does not support EMV, then the ATM owner or merchant will be liable for the fraudulent transaction.

In the United States, Visa,[29] MasterCard[30] and Discover[31] in March 2012 – and American Express[32] in June 2012 – have announced their EMV migration plans for the US. In spite of these announcements, doubts remain over the willingness of merchants to develop the capability to support EMV.[33] Since the announcement, multiple banks and card issuers have announced cards with EMV chip-and-signature technology, including American Express, Bank of America, Citibank, Wells Fargo,[34] JPMorgan Chase, U.S. Bank, and several credit unions.[35] JPMorgan was the first major bank to introduce a card with EMV technology, namely its Palladium card, in mid-2012.[35]

  • American Express is implementing a liability shift for point of sale terminals in October, 2015.[36] For pay at the pump, at gas stations, the liability shift is October, 2017.
  • Discover is implementing a liability shift on 1 October 2015. For pay at the pump at gas stations, the liability shift is 1 October 2017.[28]
  • Maestro implemented a liability shift of 19 April 2013, for international cards used in the United States.[37]
  • MasterCard is implementing a liability shift for point of sale terminals in October, 2015.[36] For pay at the pump, at gas stations, the liability shift is October, 2017. For ATMs, the liability shift date is in October 2016.[38]
  • Visa is implementing a liability shift for point of sale terminals on 1 October 2015. For pay at the pump, at gas stations, the liability shift is 1 October 2017.[39] For ATMs, the liability shift date is 1 October 2017.

In most other countries the liability shift has already taken place.

We want you to know that thanks to our partnership with Cayan (formerly Merchant Warehouse),flowerSoft will be ready for the EMV technology and the upcoming liability shift whenever it takes place in the United States.

4 thoughts on “Liability Shift – Are You Getting Ready for EMV Technology?

  1. How will this affect phone/web orders which is the bulk of credit cards we process thru flowersoft?

    How will this work for a walk-in customer and processing thru FlowerSoft… will we need a reader or another piece of equipment or will it all work thru FlowerSoft?

    Thanks, Terry

    1. Phone and web orders will not be affected, as far as I know.
      As per Wikipedia…
      Visa and MasterCard have also developed standards for using EMV cards in devices to support card-not-present transactions over the telephone and Internet. MasterCard has the Chip Authentication Program (CAP) for secure e-commerce. Its implementation is known as EMV-CAP and supports a number of modes. Visa has the Dynamic Passcode Authentication (DPA) scheme, which is their implementation of CAP using different default values.

      For in-store sales you will need a piece of equipment, like Cayan’s (Merchat’s Warehouse) Genius device.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s