In 2017 alone, the Federal Reserve reported that consumers used their credit cards 123.5 billion times, and chip-authenticated purchases accounted for half of all value from in-person transactions. EMV chip cards have become a major part of consumers’ lives, and yet many businesses still don’t understand them or accept them as a form of payment. And while that could be costing you major profits, there’s a second issue to consider as well: the EMV liability shift.
EMV stands for Europay, Mastercard and Visa, however, today, the term is a recognized way to refer to any card with an electronic chip. EMV cards offer a secondary method of payment in addition to the classic magnetic stripe, in the form of a small computer chip. The chip stores client data and interacts with your POS system during a transaction to create a unique transaction ID.
Why the switch? Magnetic stripe cards are unfortunately relatively easy to “hack” because the coded information on the stripe never changes. This makes it simpler for a credit card fraudster to steal your personal information and use it. Because EMV technology creates a new set of data for each transaction, your information is much more secure.Buy It Now
The EMV liability shift came from card issuers, who wanted to promote the use of EMV chip cards that would better protect their customers from identity theft. The higher security standard of EMV technology was predicted to radically cut down on fraud, making it beneficial for issuers, consumers and merchants to get on board. Prior to the shift, if credit card fraud occurred or data was stolen through a purchase at a merchant, the merchant was not considered responsible, and the card issuer would cover the costs, though many times the financial burden would inevitably fall on consumers.
The official EMV liability shift date was the start of October 2015, when national card companies declared a shift in liability, that is, responsibility in regards to credit card fraud. According to the shift, if a business has EMV capabilities and processes payment from an EMV chip card via the magnetic stripe instead, that business would be responsible for any potential fraud from the transaction.
It’s important to understand that the chip liability shift is a business responsibility shift, not a federal or state law. Rather, by issuing their declaration, credit card issuers have protected themselves against the costs of fraud by placing the financial burden of fraudulent charges via magnetic strips on merchants.
Here’s how to know if you are liable, according to the EMV liability shift rules. If you are a merchant that owns uses POS system or card reader to process transactions, you are responsible for making sure that ALL chip cards are “dipped,” not “swiped.” This includes both merchants who have an EMV-enabled system AND those who haven’t switched over yet. If you swipe an EMV card instead of processing a proper EMV transaction, you are considered liable for fraudulent activity that may occur as a result.
The exceptions to this rule are ATM owners and gas stations, where the cost of upgrading to EMV technology was deemed too high for the shift.
Let’s take a deeper dive to better understand who is liable in different payment situations:
Example #1: A chip card is swiped at a store, and the credit card information is stolen. Who is responsible? The Merchant. Example #2: You tried to “dip” the chip and pin card, but it malfunction, so you had to swipe the card instead. Who is responsible? The Card Issuer. Example #3: A stolen chip card is dipped in an EMV-compliant POS. Who is responsible? The Card Issuer. Example #4: A counterfeit card made from stolen chip card data is swiped by a fraudster during an unauthorized transaction at a store that is not EMV ready. Who is responsible? The Merchant.
In short, the answer is: yes! In 2014, stolen cards and counterfeit cards accounted for 51% of credit card fraud, including EMV fraud in the US vs. 45% from card-not-present fraud, according to data from Discover. By 2018, card-not-present fraud had surged in comparison, becoming 80% more prevalent than in-person fraud. In addition, overall fraud fell 15% in 2018 alone, from 16.7 million victims to 14.4 million.
Though the numbers are still shocking when it comes to fraud, and how many people identity theft impacts, the EMV liability shift has played a large role in the reduction of in-person fraud. Additionally, the downward trend in fraud complaints is likely to continue as more and more merchants become EMV compliant.
Following EMV compliance standards doesn’t have to be overwhelming, expensive or difficult. SumUp’s POS system and card readers are all EMV enabled, making it easy to accept card payments in the most secure way. Plus, switching is simple and easy, with an integrated app and invoicing software, and wireless terminals that only require connection to the internet.
The SumUp card reader is small enough to fit in your pocket, and you only ever pay a flat transaction fee. That means no extra fees or monthly charges. Ever. So if you’re looking for the easiest way to become EMV ready, it’s time to get started with SumUp.