October 2015 is the deadline for switching credit cards and readers to EMV/Chip & PIN technology in the US. At this point fraud liability switches to the party with the lesser technology, which will have substantial impact on unprepared merchants. The eCommerce channel must also get ready as stopping fraud at physical retail stores will intensify online fraud attempts.
When Chip & PIN cards and the EMV standard were implemented on a large-scale in Europe and other markets, point-of-sale and counterfeit card fraud declined drastically, and in response fraudsters surged to the online channel. As more secure credit cards gain ground in the US, eCommerce merchants need to prepare and ensure their risk management programs are equipped to handle an increase in fraud attempts.
The credit card technology currently used in the USA stems from the 1960s, and the US is the only major country to still use cards with an easily forged magnetic stripe on the backside. In other areas, the swipe and sign technology has been replaced by cards with a microchip accompanied by a PIN code. Half of the credit card fraud in the world occurs in the US, while only accounting for a quarter of credit card transactions, but brick-and-mortar merchants unwilling to upgrade to new technology will in the future be responsible for fraudulent purchases.
The introduction of EMV in Europe caused a major reduction in card fraud at the point of sale and was especially effective in preventing counterfeit card fraud.
In the UK, Chip and Pin cards gained ground in 2004, and by 2006 nearly all card payments were fully migrated to the new system. In 2007, CNP fraud on cards issued in the UK ballooned 37 percent. 2008 saw another increase with 13 percent. CNP fraud losses more than doubled from 2004 to 2008, but have declined each year since then, until 2012 when there was a slight increase.
The implementation of Chip and PIN cards made using counterfeit cards and other forms of card present fraud much more difficult. This lead to an increase in fraud attempts attacking the CNP channel, and eCommerce merchants sought ways to contain losses.
Financial Fraud Action UK is an industry group under the UK payments administration, and they attribute much of the reduction in CNP fraud on UK issued cards to increased use of Consumer Authentication schemes such as AmEx SafeKey, MasterCard SecureCode and Verified by Visa.
In the US, card issuers have set a deadline of October 2015 for EMV compliant payment terminals. At this point, the liability for fraud will switch to whichever party has the lesser technology. That means that merchants with old card readers will still be able to do business, but they will be liable for any fraudulent transactions if the customer has a Chip and PIN card. If the merchant has a new reader but the bank hasn’t issued a new Chip and PIN card, the bank will be liable. There is one exception; gas stations with automated fuel dispensers will have until October 2017 to upgrade their equipment.
For More Information:
Comments