EMV (Europay, Mastercard, Visa) has been on everyone’s radar for a while now, but recent data breaches and impending deadlines is making EMV a top priority for merchants.
What is EMV?
EMV® is a global standard for secure credit and debit payment cards based on chip card technology, already in use throughout the world. Also referred to as chip and PIN or chip and signature, EMV-capable bank cards feature an embedded microprocessor chip that contains the cardholder data.
EMV replaces magnetic stripe swipe technology with a process of inserting the bank card into a device slot (“dip”) and inputting a PIN number (or requiring a signature). Unlike a magnetic stripe that contains static payment information with EMV dynamic authentication is used for each purchase.
EMV aims to increase security and decrease fraud associated with lost, stolen, or compromised cards. For example, chip cards are said to be harder to clone and reduce the opportunity for skimming scams.
If EMV has been available throughout the world for years, why is rolling it out in the U.S. so complicated? One key factor is cost, for example, in recent Senate testimony, Target estimated the cost of migrating all of its Point of Sale (POS) machines to accept EMV cards will be about $50 million. Issuing new EMV capable cards to consumers has been estimated at approximately $3 billion.[1]
Another issue is the well-coordinated effort it will take among all the stakeholders in the payment landscape. Standards, hardware, software, will all need to be updated. Let’s take a closer look at those involved and their role in the migration.
Who are the players?
EMVco – EMVCo is the organization that manages, maintains and enhances the EMV specification.
Government – EMV will bring changes to rules and regulations, often a lengthy process. For example, the Durbin amendment requires all U.S. debit transactions to access at least two debit networks. This will need to be adjusted in order for chip-based debit cards to be compliant.
Card Issuers – Consumers will need to be issued chip cards. As of March 31, 2013, financial institutions had issued 3.5 million Visa-branded EMV cards.[2] Other card issuers have made chip cards available by request. Only a small percentage of bank cards issued are EMV cards. To put it in perspective, a recent study showed there are 537 million credit cards and 560 million debit cards in circulation[3].
Device Manufacturers – Device manufacturers will have to certify to the EMV standard and develop new hardware. Some device manufacturers, such as European-based Ingenico, already have chip and PIN devices in use internationally.
Merchants – Card agencies will have to provide reasonable time for merchants to upgrade their equipment. Merchants purchasing equipment today are struggling with whether the new equipment they purchase this year will be obsolete in 2015. It is possible that device manufacturers will develop retrofits to existing inventory, or possibly offer merchants trade-in programs for existing equipment.
Processing Platforms – Processing platforms will need to certify to the EMV specification and update their specifications for third-party processors to code to. Platforms will need to create and make available testing equipment as part of the certification process.
Third-Party Payment Processors – Once new devices are available third-party processors, such as TrustCommerce, will be able to enhance integrations to support the new EMV capable devices. In addition, once the processing platforms make the new certification and testing environment available, TrustCommerce will be able to certify for EMV with the processing platform. TrustCommerce is currently working with multiple processors, vendors and our partners to be EMV ready.
One more tool in the tool box
While EMV is coming soon, it will be another component of security, not a cure-all. Everyone in the payment chain is responsible for securing and protecting transactions and will need to continue to work to provide the most secure technologies available. TrustCommerce will continue to help merchants protect transactions by adding EMV to our Trusted Solutions tool box which includes encryption (P2PE), tokenization and seamless redirect. TrustCommerce APIs are easy to integrate to and provide the protection merchants need to safeguard their customers’ information and their company’s brand and reputation.
Interested in learning more? Request a demo or contact a Solutions Consultant at 800.915.1680 x 2.
[1] Mercator Advisory Group
[2] http://www.digitaltransactions.net/news/story/4019
[3] http://www.marketingcharts.com/wp/topics/financial/americans-spent-5-more-using-credit-and-debit-cards-last-year-27212/