Loading...

Chipping Away at EMV Myths

Published: November 16, 2015 by Keir Breitenfeld

What the EMV Shift means for you

I recently facilitated a Webinar looking at myths and truths in the market regarding the EMV liability shift and what it means for both merchants and issuers. I found it to be a very beneficial discussion and wanted to take some time to share some highlights from our panel with all of you. Of course, if you prefer to hear it firsthand, you can download the archive recording here.

Myth #1: Oct. 1 will change everything

Similar to the hype we heard prior to Y2K, Oct. 1, 2015, came and went without too much fanfare. The date was only the first step in our long and gradual path to EMV adoption. This complex, fragmented U.S. migration includes:

  • More than 1 billion payment cards
  • More than 12 million POS terminals
  • Four credit card networks
  • Eighteen debit networks
  • More than 12,000 financial institutions

Unlike the shift in the United Kingdom, the U.S. migration does not have government backing and support. This causes additional fragmentation and complexity that we, as the payments industry, are forced to navigate ourselves.

Aite Group predicts that by the end of 2015, 70 percent of U.S. credit cards will have EMV capabilities and 40 percent of debit cards will be upgraded.

EMV Shift - US EMV Cards

So while Oct. 1 may not have changed everything, it was the start of a long and gradual migration.

Myth #2: Subscription revenues will plummet due to reissuances

According to Aite, EMV reissuance is less impactful to merchant revenues than database breaches, since many EMV cards are being reissued with the same pan. The impact of EMV on reoccurring transactions is exaggerated in the market, especially when you look at the Update Issuer provided by the transaction networks.

There still will be an impact on merchants, coming right at the start of the holiday shopping season. The need for consumer education will fall primarily on merchants, given longer lines at checkout and unfamiliar processes for consumers. Merchants should be prepared for charge-back amounts on their statements, which they aren’t used to seeing. Lastly, with a disparate credit and debit user experience, training is needed not just for consumers, but also for frontline cashiers.

We do expect to see some merchants decide to wait until after the first of the year to avoid impacting the customer experience during the critical holiday shopping season, preferring to absorb the fraud in the interest of maximizing consumer throughout.

Myth #3: Card fraud will decline dramatically

We can look to countries that already have migrated to see that card fraud will not, as a whole, decline dramatically.

While EMV is very effective at bringing down counterfeit card fraud, organized crime rings will not sit idly by while their $3 billion business disappears. With the Canadian shift, we saw a decrease in counterfeit card loss but a substantial increase in Card Not Present (CNP) fraud.

In Canada and Australia, we also saw a dramatic, threefold increase in fraudulent applications. When criminals can no longer get counterfeit cards, they use synthetic and stolen identities to gain access to new, legitimate cards.

EMV shift - Canada Fraud Loss

In the United States, we should plan for increased account-takeover attacks, i.e., criminals using compromised credentials for fraudulent CNP purchases. For merchants that don’t require CVV2, compromised data from recent breaches can be used easily in an online environment.

According to Aite, issuers already are reporting an increase in CNP fraud. Fraudsters did not wait until the Oct. 1 shift to adjust their practices.

Myth #4: All liability moves to the issuer

EMV won’t help online merchants at all. Fraud will shift to the CNP channel, and merchants will be completely responsible for the fraud that occurs there.

We put together a matrix to illustrate where actual liability shifts and where it does not.

Payments liability matrix

EMV shift - EMV Liability

Note: Because of the cost and complexity of replacing POS machines, gas stations are not liable until October 2017.

For more information, or if you’d like to hear the full discussion, click here to view the archive recording, which includes a great panel question-and-answer session.

Related Posts

...

Published: June 6, 2023 by admin

According to Experian data analysis and a recent study on unemployment insurance fraud, at least 25% of new claims are a result of identity theft.

Published: April 15, 2021 by Eric Thompson

It’s critical for credit unions to understand the specific threats presented by life online and be prepared with a fraud detection and prevention plan

Published: April 13, 2021 by Alison Kray

Subscription title for insights blog

Description for the insights blog here

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Categories title

Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book.

Subscription title 2

Description here
Subscribe Now

Text legacy

Contrary to popular belief, Lorem Ipsum is not simply random text. It has roots in a piece of classical Latin literature from 45 BC, making it over 2000 years old. Richard McClintock, a Latin professor at Hampden-Sydney College in Virginia, looked up one of the more obscure Latin words, consectetur, from a Lorem Ipsum passage, and going through the cites of the word in classical literature, discovered the undoubtable source.

recent post

Learn More Image