The Great EMV Debate

Stop. Drop. Secure card payments at point of sale.

That's the drill for every merchant, business and acquirer handling card payment transactions at Point-of-Service in the United States. From large organizations to small businesses, protection against large scale security risks is high priority. EMV has emerged as the new security requirement to help fight card fraud through dynamic authentication. Already utilized in countries across the world, an initiative to roll out EMV in the US is underway, leaving many merchants and acquirers questioning the bigger picture of card security.

EMV (Europay/MasterCard/Visa) is an authentication process that incorporates a card embedded with a chip of encrypted data. In an EMV card payment transaction, the user enters a PIN that is dynamically authenticated with the card. It's a positive step towards securing card payments and one the US would have embarked on sooner if not for the huge costs to update an existing infrastructure for magnetic strip cards. Now US merchants must implement EMV, or face potential fees, penalties and added liabilities from card associations.

But how effective will EMV prove in the long run?

Some skeptics feel that EMV is not an end-all solution to securing card payments, yet it will take a considerable investment in time, resources and money to implement. Here are some points to consider when analyzing the merits of EMV and potential ways it may impact your business:

Benefits of adopting EMV
  • The EMV standard will reduce card fraud resulting from lost or stolen cards. The encrypted data embedded in the chip of each card creates a dynamic transaction that are nearly impossible to replicate when the card is not present. Other countries utilizing EMV payment cards have seen reduced instances of card fraud and counterfeiting. Once fully adopted, the same results are expected in the US.
  • Consumers will be able to use EMV payment cards anywhere they are accepted in the world. From a merchant's perspective, this helps in catering to foreign tourists and expanding the global payment platform.
Concerns with adopting EMV
  • Cost to Implement - The main reason this country hasn't moved forward with EMV until now is the expense. The merchant or acquirer must bear the cost of upgrading to EMV-enabled card reader devices and any updates required in data interface to accommodate the transaction messaging for EMV-based payments. Both are significant investments in time, resources and money.
  • Effectiveness - The scope of EMV is contained to the authentication of the user in the transaction. There are several steps to processing a payment transaction and this is just a single, although critical, component. It is equally important to protect the data as it progresses through the transaction. EMV alone is not the silver bullet. A layered approach to addressing security and fraud that includes tokenization and P2PE encryption is highly recommended.
  • Return on Investment - As mentioned above, the costs associated with implementing EMV are potentially high, yet it is not the complete solution for card security. Many retail executives are still discussing the value of EMV versus the cost to implement. A key consideration should be the pending October 15, 2015 deadline for any merchant not in compliance (having at least 95% of card transactions processed on EMV devices) carrying liability for the fraud costs associated with a data breach.

By adopting EMV, US merchants will join the rest of the world in utilizing a widely accepted method for mitigating fraud and counterfeit card activities. Coupled with enhanced tokenization, card cloaking and encryption, merchants that invest in EMV technology as a baseline to a multi-layered strategy will avoid the fees, penalties and credibility loss associated with high level security events.

Do you think EMV will be enough to secure card transactions?

What is your business plan for securing card payments at POS?

iPayX offers ValutaPorttm, a card security solution that includes EMV, card cloaking, a merchant service gateway and secure card reading devices with point-to-point encryption as detailed in the USSS advisory guidelines.

Please contact us for more information on ValutaPort, or sign up today to receive our white paper Responding to New Threats in Credit Card Security, an analysis of the Target breach, the expense of securing payments and our multi-layered solution for maximizing fraud defense.

Subscribe Here to continue to receive regular updates from iPayX, delivered straight to your inbox.

Topics: Merchant Processing, Security, Point-of-Sale

About us

iPayX (Internet Payment Exchange, Inc.) provides payment systems, electronic document delivery, and associated customer service solutions that complement and maximize a company’s internal systems and resources. Our technology services are found in hundreds of businesses including healthcare providers, utility companies, wholesale distributors, municipal governments, service providers and other organizations in 47 states. We annually process over a billion dollars in electronic payments.

​Internet Payment Exchange, Inc. is a registered ISO of Wells Fargo Bank, N.A., Concord, CA 95524

Contact

We move money to you at 'net speed.

Internet Payment Exchange, Inc.
1946 N 13th St.
Ste 392
Toledo, OH 43604 USA
Phone: (800) 530-7004
Fax: (419) 730-7095

 

Drupal 7 Appliance - Powered by TurnKey Linux