The world of credit card payment has become complex and far-ranging, so you’d be justified to feel as though you’re behind on the jargon. The U.S. only made the switch to EMV technology in 2015, and retailers are still unsure about how it affects them because it’s all buried in verbiage.
EMV stands for Europay, Mastercard, and Visa, although it represents all chip and sign cards. The only reason these particular international card behemoths are featured in the acronym is that they started the evolution of credit card payment and represent the global standard for enhanced security. EMV technology is simply chip-based credit cards that hold and transmit data to a reader during payment processing. The USA currently requires buyers to use both their chip and signature for card payments.
Almost every country in the world has adopted EMV already. The USA has lagged behind because it distrusted the quality of chip-based security. Its reluctance was unfounded: Chip cards have almost eradicated brick and mortar credit card fraud. Globally, only two contactless models have emerged on a grand scale: EMV and magnetic strips. The difference between the two is a simple one: EMV chips create new transaction numbers with every payment, whereas magnetic strips only carry one. This makes counterfeiting possible, which is why EMV has had such a potent impact on overseas credit card fraud. Countries like France, Thailand, and Canada had embraced EMV before 2011, so this technology has enjoyed a long and successful trial overseas.
EMV technology has created a central body that will work together to overcome any security issues that may emerge in the future. This collaboration will have outstanding payoffs for merchants, making it possible to solve problems faster and more thoroughly.
EMV has introduced a generation of mobile contactless technologies, but as yet, only readers have evolved to full mobile saturation. The use of smartphones instead of credit cards is steadily growing, but whether this mode of payment will take over the market entirely remains to be seen. Mobile readers like SumUp make use of merchants’ phones to transmit information from card to network, usually through Bluetooth technology. The card market is fairly fragmented in that there are several different modes of processing and networks, a problem that EMV will solve.
Near field communication (NFC) is emerging alongside Bluetooth as a leading wireless technology for contactless card payments. It’s rudimentary in comparison to Bluetooth and far more sluggish, connecting within six seconds. Given that the industry now processes entire payments within three seconds, NFC cannot live up to buyer expectations. NFC can also communicate over only a four-centimeter distance in comparison to Bluetooth’s 30 feet.
Mobile wallets emerged as an option many years ago, but they’ve not kept up with the media’s optimistic projections. They attracted little interest from merchants and fell behind when EMVCo technology became possible. This new form of EMV will eventually place all your credit, debit, and insurance data on a single smartcard, which will be far more powerful than a standard smartphone wallet. Multi-application plastic wallets are likely to be embraced on a wide scale in the future, making the shift to EMV all the more important for retailers who want to accept credit card payments using technology that’s consistent with industry standards.
Mobile credit card payment that connects buyer smartphones to merchant devices still requires a chip or SD card to be installed. Since EMV cards require nothing more than a budget-friendly piece of plastic, they’ve overtaken smartphone wallets and fulfilled security needs more robustly than phone payments ever could
To encourage chip card payments, card brands required merchants without EMV compatibility to cover their fraud losses if they’d not yet made the shift by October 2015. Retailers lose $580.5 million to debit card fraud each year. The federal card network policy protects buyers from liability for fraudulent transactions, but until 2015, merchants were shielded from it too. Card issuers will bear fraudulent losses as long as you have an EMV reader, making this technology one of the cheapest “insurance policies” you’ll ever have. Most US consumers now have chip cards, and while the technology isn’t bulletproof, it’s resulted in a drastic drop in ‘card present fraud’.
Every time you accept credit cards payments, they become vulnerable to chip and skim attacks, which clone cards to process fraudulent transactions. Cambridge University’s security researchers have found that the best way to avoid card present attacks is to implement EMV securely according to industry standards. Certified terminals make cards harder to counterfeit, which is why fraud is steadily moving to online payment ecosystems, but merchants still hold plenty of sway over how secure their EMV implementation will be. A secure credit card payment app adds power to an already sturdy technology. Look for an application certified by EMVCo with end-to-end encryption. Each transaction should verify that the card is present and “engaged” in the transaction—in other words, that the card and its user are at the transaction site.
To achieve this, a secret encryption key is authenticated as a part of each transaction. Only the card and issuer have access to it, and it can’t be taken from a previous transaction. If fraudsters can access that number, the entire system falls short. This is why encryption is so important. Your reader should process a credit card without sending critical information into cyberspace. SumUp terminals make it difficult to process stolen data by not making that data available in the first place. Think of encryption as invisible prison bars—it’s that much harder to cut through something you cannot see.
France adopted EMV before most other nations, and today it loses about $436 million a year to credit card fraud to the USA’s $3.1 billion. Much of the improvement is because malware is difficult to deploy on a credit card payment machine with a secure application program interface (API).
An API is an interface used to create your credit card payment app. It’s responsible for processing your transactions, keeping track of your stock, and controlling loyalty programs. APIs can’t offer reasonable security unless they’re designed for their unique purpose. A one-size-fits-all approach is no approach at all.
Since your API can access every dark corner of your system and its resources, the way it’s used is critical to fraud prevention. Today’s invincible app is tomorrow’s vulnerable one, so when you choose a processing partner, look for one that evolves with the market and its threats. For the moment, the secret codes used in authentication are nearly impregnable, but leading card companies are constantly updating their apps so that the walls they build remain as solid as they’ve always been. SumUp doesn’t merely accept credit cards payments, it maintains your security over the long-term, much like an armed response unit. It also adds value to your point of sale by introducing functions like inventory control and couponing. If you’ve always wanted to launch a loyalty program but have lacked the capital to implement it, your SumUp reader will make it possible without demanding an upfront fee.
If you or your staff are Apple users, SumUp uses iOS 9 SDK to accept credit card payments instead. This environment requires a secure connection in order to work, or the entire transaction is blocked. Security needn’t be complicated to be effective, and this is a prime example of simplicity at its most powerful.
Some readers can only process contactless transactions, others manage contactless and magnetic strip, and still others handle EMV. Since traditional solutions like magnetic strips are still in use in the USA, merchants can only serve all buyers if they accept all three payment configurations. SumUp serves every form of card payment, leaving none of your buyers out in the cold.
If a buyer’s bank asks for more data about a transaction and it is disputed, a fraud report notification is generated by the bank. Credit card companies also use a range of other protective measures like irregular account activity alerts and pre-purchase verifications. Suspicious transactions are verified directly with the card user via email or phone–just one more way EMV keeps you and your customers safe. Buyers’ experience at your point of sale is an inherent part of their experience of your brand. A feeling of safety is integral to that. A reliable cyber security system can produce returns of as much as 100% or $40, 000 a year in savings alone, making it one of the most important investments you can make. Contactless solutions are often as close to free as the industry can manage, contributing to your profits in enough ways to overjoy your marketing team. If it’s revenue you want, SumUp will lead you to it.
With SumUp, you can quickly and easily accept credit and debit card payments with your smartphone or tablet.