The October 1 EMV (Europay, MasterCard and Visa) liability change deadline is fast approaching, and it’s apparent that lots of small to medium size businesses (SMBs) will not be prepared with an EMV-capable payment solution. According to a study report by Software Advice, just approximately 11 percent of small companies are prepared. One of the obstacles: lack of understanding about the value of EMV, restricted solution options within budget, reluctance to invest in and implement a new system and a daunting testing and certification process that may delay software developers.
The EMV standard was developed in the 1990s in Europe, and the U.S. is the last industrialized nation to embrace it. Microprocessing chips in EMV cards help decrease card-present fraud by issuing a lively authentication code for every transaction, which makes it virtually impossible for hackers to make counterfeit cards. This can be an advantage over magnetic stripe cards, which use static information which may be stolen and fraudulently reused.
Although EMV isn’t a mandate, as of October 1, the liability for counterfeit transactions shifts to the least EMV-compliant celebration; so if an EMV card is introduced but the merchant does not give the ability to process it, the merchant is liable for the cost.
While SMBs may believe that their earnings are too small or card fraud too limited to warrant upgrading to EMV-capable terminals, EMV offers several significant benefits:
- Greater security for customers
- Fewer disputes for fraud
- Reduced chargebacks because of counterfeit or stolen cards
- Improved consumer confidence, as SMBs provide same secure technology as bigger merchants
At exactly the exact same time, costs of implementing EMV include hardware and software upgrades, testing and certification, and time, in addition to training resources.
While the process to transition to EMV may seem complicated, merchants can utilize many tools to better understand and implement a new solution that protects them and their clients.
Certified EMV Solutions
An EMV-capable system should include EMV Level1- and – Level 2-certified hardware and software. Level 1 certificate comprises the interface between the card-accepting terminal along with the EMV card, and Level 2 addresses the software interface between the card into the terminal; both would be the responsibility of the hardware maker.
Level 3 (L3) certification examinations each exceptional EMV route to the system — the hardware+ software+chip combination. The POS programmer must certify each terminal to each credit card brand (Visa, MasterCard, American Express and Discover), which individually have different tests for each transaction path. Understandably, only 1 L3 certification can take weeks to finish, as the procedure is lengthy, expensive and now backlogged by numerous parties vying to certify their applications.
Simplifying the Process
The fantastic thing is that in November 2014, EMVCo published a new Brand-Aligned Terminal Integration Testing Framework, which unifies methodologies as a means to expedite the certification procedure. While the new framework can be adopted for automated or manual testing, processers that have an automatic system can optimize efficiency and give a greater amount of EMV-capable solutions to merchants more quickly.
Additionally, the Payments Safety Task Force, the PCI Security Standards Council and the EMV Migration Forum recently announced a new education and pre-qualification program for VARs and ISVs to quicken EMV testing and testing for their POS systems to be able to more effectively serve their clients.
Knowledgeable chips that have implemented EMV in different countries, in addition to chips that are designated as accredited agents of one or more card networks, are better positioned to condense the testing and certifying process and simplify implementation for POS programmers.
Merchants should speak with their Independent Software Vendor (ISV) and/or chip to find out which solution best meets their requirements, including training, pricing, support and deadline. Processors may also help businesses with hints for staff training which help address potential customer questions concerning using the chip reader.
While companies vet EMV-capable solutions, they ought to also consider integrating other payment protection attributes like end-to-end encryption and tokenization in their new system. Also, this is a chance to update to terminals which accept contactless payments, such as Apple Pay®.
Another source for SMBs is the Retail Solution Providers Association (RSPA), the industry organization for POS technology, which provides various EMV guides on its own site at www.gorspa.org.
While the comprehensive transition may take years from the U.S., it’s vital for SMBs to adopt EMV to decrease card present fraud.
►►► ConnectPOS is a cloud-based POS software compatible with multiple platforms including Magento, Shopify & Shopify Plus, and BigCommerce.
Our Feature Posts: