The EMV Liability Shift: What you should be doing right now

September 15, 2015
5
min read

The U.S. is the last developed country in the world to throw away the magstripe card and move to EMV.

So begins the October 2015 liability shift.

Starting this October, until the end of the year, an expected 6-8 hundred million EMV enabled credit and/or debit cards will be issued to consumers.

Despite the transition having been announced in the past and it being in works for years, many merchants are still not ready to for the liability shift.

Unlike a law, the liability shift is not a regulation, merchants do not have to comply and will not be penalized for non-compliance. Although compliance isn’t mandatory and there are no fines, the impact could be much worse than any fine.

What does this mean for merchants?

By not upgrading your terminal to EMV, merchants are liable for financial losses related to fraud. This goes beyond a chargeback and the losses on cost of goods. The liability shift makes merchants responsible for compensating all damages related to fraud and credit monitoring. In addition to damages, there’s reputation and loss of business at hand by not complying.

We have been working with merchants to prepare for the EMV liability shift since 2012 when Canada made its transition to EMV.

Based on our experience, here is some advice for how to prepare for the EMV liability shift:

Larger merchants are behind if they haven’t already started

If you’re considered a medium to large business, you’re likely to have a complex payments ecosystem that will require more time to plan, implement and test EMV payment acceptance solutions. You wont want to do this at the last minute as your vendors, suppliers, and processors are going to be busier around October, making it more difficult to plan and execute. In addition, Apple Pay has increased service wait times as service providers and businesses are busy attempting to adopt new technology.

Non- EMV compliant merchants are more likely to be targeted by hackers

Cybercrime is growing and hackers are getting better at knowing which merchants are using out dated technology. When countries implement EMV, there is a migration of credit card fraud targeted towards businesses that use magstripe and aren’t yet EMV compliant.

Hire a team of experts or give someone on your team the responsibility of implementing EMV

By hiring a team of experts, you can keep your business at top of mind while professionals help migrate your business to EMV. Also consider assigning one of your employees to contact a consultancy that will help guide you through the process.

Equip yourselves for the future

Since you’ll be making the migration to EMV, you might as well equip for NFC, enabling your business to accept mobile payments and contactless credit cards. This piece of technology can increase your customer throughput by making speedier checkout times and provides a fantastic customer experience for those who don’t want to wait.

Consider encryption and tokenization

Yes EMV is more secure and more difficult to counterfeit, but we recommended that you encrypt your data using Point-to-Point Encryption (P2PE) and tokenization. This will help protect your customer data in a country where data breaches have become so much more common.

Are you prepared?

Don’t wait until the last minute. Start taking action now, there’s no point in delaying EMV as your business will be putting its customers data at risk.