Computer News & Safety – Harry Waldron Rotating Header Image

EMV credit cards – New Technology and Legal Liability standards

On October 1, 2015, new legal changes will be forthcoming which in certain circumstances will switch legal liability from banking industry to merchants who process a forged EMV credit card.  The legal liability changes may be designed to encourage retailers to move to DSS/PCI version 3 standards. 

The links below share that October target date is slowly being adopted as public education of the new credit card is lagging some.  Also, the new standards don’t address on-line controls well in the use of credit cards.  However, these new controls are beneficial where EMV credit cards are used in retail stores, restaurants, or other direct purchases.

http://www.eweek.com/security/emv-switch-this-week-could-threaten-many-businesses-in-u.s..html

http://ktla.com/2015/09/28/heres-why-you-got-a-new-credit-card-in-the-mail/

http://www.techrepublic.com/article/us-deadline-for-emv-credit-cards-looming-what-you-need-to-know/

http://www.dataprivacymonitor.com/wp-content/uploads/sites/188/2015/08/8-20-2015-2-640×250.jpg

NEWS ANALYSIS: Despite years of warnings, a large percentage of U.S. businesses aren’t ready for the switch to EMV cards, and many don’t even know about it. The long-awaited credit card liability shift happens on Thursday, Oct. 1, and for many businesses and consumers, it will be a total surprise.

Despite articles describing the coming change in who has to pay for purchases made with counterfeit cards that have been running for years, and despite announcements from the president of the United States and many banks, many are blissfully unaware. Unfortunately, the awareness of the change will come suddenly, and probably not in a pleasant way for most.

Just so you’re clear on what’s happening, as of Oct. 1, 2015, merchants may become liable for charges made using counterfeit credit and debit cards. The liability will happen if the merchant has a point-of-sale (POS) terminal that can read the new EMV chips embedded in credit cards. If someone copies the data from the magnetic stripe from a chip-enabled credit card and tries to buy something from a merchant, then the merchant becomes liable for any loss.

However, if the merchant doesn’t yet have a chip-enabled POS terminal, or if the counterfeit card wasn’t using magnetic-stripe data from a chip-enabled card, the issuing bank remains responsible for the liability. Banks and credit card issuers are rolling out cards with EMV chips as fast as they can print them. Credit card clearing services are replacing POS terminals with chip-enabled terminals as quickly as they can.

Part of the problem is that the process of becoming certified to handle EMV credit cards is taking longer than anyone expected, partly because the requirements and regulations are complex. “There are 200 different certifications you need,” Hoffman said. He noted that a great deal depends on third-party providers also being ready, and if they’re not ready, a merchant can’t be ready, and there might not be anything they can do about it.

The problem, unfortunately, isn’t likely to be fixed in time for the Oct. 1 deadline. “The EMV certification process is taking longer than anticipated,” said Michael Grillo, director of solution marketing for ACI Worldwide. “By the end of the year, maybe 30 percent of large merchants will be EMV-certified.”

Part of the problem is that there has been no major consumer education effort. As a result, nobody has a good idea of how to use the new cards and what they’re expected to accomplish.

Comments are closed.