EMV? Chip and PIN? What does this all mean? If you find yourself asking these questions, don’t worry, you’re not alone.  As we near the deadline for merchants in the United States to adopt the EMV compliance standards, it is apparent that many merchants are uninformed and uneasy about the upcoming changes and what it means for their business. This shouldn’t be the case, so we’ve compiled a brief background of EMV, how it affects merchants, and what they need to do to ensure they’re compliant.

What is EMV?

EMV, an acronym for EuroPay, Mastercard, and Visa, is a set of globally recognized standards ensuring the proper usage and communication between microchip-equipped cards and the hardware used to complete transactions. EMV is designed to increase security for ATM and credit card transactions, as well as minimize in-store card fraud. The technology was originally introduced in 1995 and over 80 countries have either already adopted, or are in the process of adopting the EMV standards today. These countries have seen dramatic decreases in card fraud since the technology was introduced. The U.S. is one of the last major countries to adopt the EMV guidelines, but with the recent security breaches with major retailers like Target and The Home Depot, many feel it can’t come soon enough.

How is EMV More Secure?

So, why exactly is EMV more secure? There are two main reasons. First, in order to complete a transaction, the cardholder must insert the chip card into an EMV card reader then enter a PIN. This two-step process increases security at checkout, as a fraudulent card user can no longer just swipe the card and forge the card owner’s signature. Second, the data from the EMV cards is tokenized, creating a dynamic transaction code for each individual purchase. This prevents hackers from gathering card information and using it at a later date, as opposed to traditional magnetic stripe cards where the data is static and can easily be copied and duplicated.

What does this mean for Merchants?

This once-in-a-generation change to payment acceptance should be welcomed by card-present merchants, as it will decrease their susceptibility to fraudulent transactions and financial data breaches. However, the shift to EMV compliance will require a small investment in hardware and software upgrades for most merchants, which will be discussed in the next section.

There is also a shift of liability for fraudulent charges that is occurring on October 1st, 2015, the deadline for U.S. merchants to fully migrate to the new compliance standards. If a merchant has not adopted a terminal that is EMV certified, the merchant can be held liable for all fraudulent charges occurring on chip cards at their business. This should encourage all merchants to ensure they are EMV compliant before the October 2015 deadline.

How can merchants ensure they are EMV complaint?

Merchants should first analyze their current in-store technology and determine if it needs to be replaced or upgraded. Equipment upgrades can be both costly and time consuming, so merchants should consider these factors and plan accordingly. Some decisions a merchant will have to make are, but not limited to:

  • Does the POS hardware need to be replaced?
  • Is the POS software up to date? Does it need to be upgraded or replaced?
  • What PIN pad devices are needed for EMV transactions?

Merchants should contact their POS providers to confirm whether or not upgrades need to be made. Chances are if a merchant’s POS hardware and software are more than a few years old, they’ll need to upgrade.

Merchants should also develop an employee training program, as the function of EMV transactions is very different than traditional magstripe transactions. It’s important that all necessary employees are properly trained to maintain a smooth customer experience throughout the transition period.

It’s imperative that merchants get in front of this shift and don’t wait until the last minute to migrate their business over. Not only will an early transition benefit employees, but it will guarantee that customers continue to receive a high level of service throughout the process.

Adopted from “The Small Business Guide to EMV Compliance” by Community Merchants U.S.A, a 501(c)(6) organization dedicated to helping small businesses understand how electronic payments can help you start, manage and grow a business.

Interested in learning more about how to protect your small business from cyber attacks and other related news?

Attend the Delaware Cybersecurity Conference on Tuesday, September 29th! Click here for more information and registration.