Four EMV Liability Shift Myths Debunked

The EMV liability shift has been one of the hottest restaurant POS topics of 2015. With the looming shift on October 1st, 2015 many retailers are now taking steps to install EMV readers in their restaurants.

As a restaurant POS provider we’ve closely followed this topic as we’ve prepared our own products for this shift. We’ve found there are many misconceptions in the market about it and wanted to debunk four of the most common myths.

WAND-EMV-TerminalMyth One: EMV Prevent Credit Card Breaches. One of the biggest myths is if you get an EMV reader it will automatically protect your restaurant against the credit card breaches that have plagued retailers in recent years. This is simply not the case. In reality, EMV does little to prevent a data breach.  What it actually does is make any stolen EMV credit card data virtually useless to the hackers.  Therefore, EMV readers are certainly the first step towards reducing the likelihood of credit card fraud but in order to truly become secure you need to also implement basic security measures as outlined in the PCI DSS, including firewalls, network segmentation,  tokenization, and end-to-end encryption to protect your data.

Myth Two: Chip Cards Don’t Matter to Consumers. Another rumor circulating is it’s not consumers who care about using chip cards; it’s the credit card companies that are pushing them. Again, this is false. Customers are extremely wary of their information being breached and, as such, will take steps to ensure their data is protected. A chip cards study by MasterCard found that 75% of consumers agreed chip cards help protect their data and they expect to use these cards at merchants they frequent.

Myth Three: EMV is Something New. EMV chip cards have actually been around for many years, introduced in the European market as early as 1999. They are standard in much of the world already and, in fact, the United States is one of the last countries to begin using them.

Myth Four: The Cost of Adding EMV Readers is Greater Than the Cost of Fines from the Liability Shift. Many companies believe they are saving money by not adding EMV readers to their restaurants. They reason that fines they could potentially incur from having fraudulent credit card transactions after the October 1st liability shift are less than the cost to purchase EMV readers. While a valid point, the bottom line is the cost of having a credit card breach is measured in more than just a few fines incurred. There’s huge loses that can occur when a brand’s reputation is damaged. After Target’s infamous Christmas credit card breach of 2013 its profits fell by 40% and the company is still feeling the effects of the loss of consumer confidence in the brand. And given that 75% of consumers expect to use EMV readers when they shop, restaurants that aren’t catering to this audience could potentially face those customers going to the competition instead.

When it comes to updating restaurant POS systems for the EMV liability shift my strong recommendation is to be proactive versus reactive. Your company and customers will thank you for it.

EMV Liability Shift Info for QSR Operators

Recent headlines about data breaches and credit card fraud have only reinforced what has been a troubling fact for a long time: traditional credit card transactions contain vital personal data that are targets for theft. In the United States alone, the cost of credit card fraud will top an estimated $10 billion in 2015. One measure taken by QSR and Fast Casual restaurants to control these costs is to step up their use of EMV cards with their restaurant POS in preparation of the EMV liability shift. If you haven’t seen one from your own credit card company, expect to get one soon.

WAND EMV TerminalEMV cards (“chip cards”) were designed to reduce fraud associated with these transactions. EMV involves using secret cryptographic keys and chip-card capable point of sale (POS) terminals to authenticate credit and debit card transactions. Because EMV supported restaurant POS terminals encrypt the transaction information before transmitting, the information is never stored in unencrypted form at the terminal and the risk of fraud is eliminated.

When implemented with PIN for cardholder verification, EMV limits the risk of lost/stolen/never-received fraud. In countries where EMV has been deployed, there has been a measurable and significant reduction in face-to-face fraud.

Counterfeit Card Liability Shift
Currently, when a criminal makes a purchase with a counterfeit card, the credit card issuer assumes liability (or cost). To encourage the use of EMV technology, the liability for fraudulent transactions made with EMV-compliant cards on non-EMV compliant devices (old magnetic strip reader), will shift to the merchant. After October 2015, if your restaurant accepts a fraudulent transaction paid with a chip card on a non-EMV compliant device your business may have to pay for the fraudulent purchase. To protect your business against this liability, you need to install EMV compliant devices.

What the “Liability Shift” Means to You
Since a typical ring-in at the register of a QSR restaurant is below $25, the actual money risk of accepting a counterfeit card is pretty low. Instead you run the greater risk of making headlines for being targeted by hackers who could gain access to financial information stored in your POS system. Equally unappealing is the prospect of getting in a dispute with your credit card provider over fraudulent transactions. In fact, in another attempt to control the costs of security breaches, many banks may impose fines or fees in the event of fraudulent transactions accepted on non-EMV systems

Benefits of EMV Compliance Devices
The bottom line is you want to avoid this liability in your restaurants and the easiest way to do this is to install an EMV compliant restaurant POS. When you do this you will:
• Eliminate your liability in the event of a fraudulent transaction made with an EMV card, after October 15, 2015.
• Reduce your risk of having your transaction data being hacked and the associated damage to your brand.
• Reduce the risk of financial penalties levied by credit card issuers if you continue to accept payments on a non-EMV terminal or register with Magnetic Stripe Reader (MSR).