Have you heard the buzz? The end of the swipe-and-sign credit card is near. Well, the end has already happened in many parts of the world, but the US is finally following suit after some pretty big events (Target, Neiman Marcus, etc). What does this change mean for you? What does this change mean for business owners all across the country?
First let’s dive into what’s actually happening here. Starting October 2015, you will no longer be swiping your credit card. You will, instead, insert your (new) card into a slot of a machine. The machine will then read a microchip, not a magnetic stripe. You will then either sign your name (for now) or enter your PIN number (if the card issuer has added them to their cards.)
What is this “EMV” technology?
The term “EMV” refers to a specification for the technical requirements of chip-enabled payment devices, generally credit and debit payment cards with embedded microchips, and how the cards interact with point-of-sale and ATM infrastructures. There are many “flavors” of a chip-based payment standard, including using chip + PIN only or chip + choice (the option of using either PIN or signature) as cardholder verification tools; the majority of EMV implementations globally have focused on chip + PIN enablement. Whatever the format, smart chips are the basis of the technical standard behind more than 1.24 billion payment cards and 15.4 million POS terminals,3 with almost all of those cards and acceptance devices residing outside the United States. Europe, Canada, Latin America and Asia/Pacific are all in various stages of EMV chip migration and usage, leaving the U.S. region—the largest user of payment cards in the world—as the last major hold-out for implementing the otherwise global standard.
What are the benefits to the consumers? Well first, requiring customers to enter a PIN prevents checkout staff from handling your card. Consumers must handle the point-of-sale device directly to insert their cards and verify payment. Under the current system, it is all too easy when a checkout staffer takes your card for them to swipe it through a card-copying machine or when a member of the wait staff takes your card to pay your bill, etc. The Target hack was accomplished when hackers were able to alter the point-of-sale machines to copy the info on the magnetic stripe of the card when swiped. Chip-and-PIN technology would make this hack useless because the number on the chip alone wouldn’t help them. They would need the PIN as well.
Now that the change is a reality, it’s up to the banks to issue new cards to consumers and it’s up to merchants to update their existing systems to accommodate the new cards. Why is this significant? A big part of this changeover is the liability shift when fraud does occur. This means, whenever card fraud occurs, someone is determined liable for the costs. In this case, whichever party has the lesser technology will be responsible for the cost. If the bank has failed to issue a chip card and pin number to the customer –the bank would be liable. If the merchant is still using their old system where they can run a swipe and sign transaction –the merchant is liable. This is extremely significant to business owners. This means everyone. Every gas station, every McDonalds, every restaurant, bait shop, etc.
The idea is to encourage all merchants and banks to update at the same time so that the transition is a smooth one. I have a feeling though, that this shift in liability is going to come to quite a surprise to merchants who aren’t paying attention to this change in payment methods.
So, alert all shop owners, small business owners, etc. A big change is coming. It’s definitely beneficial to consumers and to fighting fraud, but merchants should be aware of their responsibility in switching over. What are your thoughts?