The big switch from traditional magnetic strip credit cards to the new chip-based Europay, Mastercard and Visa, or EMV, cards is coming. According to PaymentWeek, U.S. banks will replace more than 70 million debit cards alone with new EMV-based cards by the end of the year, and that represents only about a quarter of the cards that must be migrated in America.
Despite all of the upcoming changes in card format and the compliance deadline of October 1, 2015 for businesses being equipped to accept EMV chip-based cards, it seems that a large percentage of small to midsize businesses will miss out on compliance. Chain Store Age shared data from a recent survey by Software Advice that found that only 22 percent of SMBs are ready to accept EMV chip-based cards.
Of the SMBs that haven’t yet complied, 34 percent feel that they haven’t had enough time to research or “implement EMV-compliant technology,” 33 percent think that the technology is “too expensive,” 23 percent don’t feel installing new card readers is necessary and a full 10 percent haven’t heard about EMV cards or the compliance issues that they may face.
HuffingtonPost delved further into the lack of EMV terminal adoption recently. It reported that the “chip & signature” method is “an expensive half-measure.” For many businesses, paying for new credit card readers and software and the time and effort to train employees will be a huge hit to the budget. Not to mention, the initial process of cash register attendants needing to assist customers in using the new technology (and troubleshooting potential issues) will take up more time at the registers.
One point that most analysts agree on, though, is that the new EMV chip technology is meant to help cut down on credit card fraud. Any business that isn’t compliant—meaning that isn’t equipped to handle the EMV card processing—will be then required to cover credit card fraud costs themselves. This removes responsibility of such fraud from the banks and puts it on retailers—many of them SMBs. By complying with the new technology regulations, SMBs potentially save themselves thousands of dollars or more in fraud costs.
“Small businesses risk devastating consequences if they aren’t prepared. This is especially true if they are running on tight margins to begin with. Once the liability shift occurs, if the proprietor accepts a fraudulent charge via swipe, they will be held liable for that charge if the terminal is not EMV compliant. The shift moves the liability from the issuing bank to the merchant, so the consequences are more of the roulette variety – they could be devastating or they could be a non-event.”
It seems many SMBs are willing to play this roulette game. However, Seth Ruden, senior fraud consultant for ACI, added a tip for those businesses to help offset large fraud payouts:
"If businesses do not see themselves ready to meet the deadline, they may need to ask themselves if they have classically been an attractive business for fraudsters, e.g. Fuel dispensers, pharmacies, supermarkets, etc. If so (and even if not) it would be smart for them to have a prepared budget for fraud losses which may be shifted to them. Plan to get some additional checkout controls in place, like checking ID when customers are using a mag stripe for checkout. Or when mag is used, preferring the customer to use a PIN. Showing fraudsters that the business security policy shifts with the liability will typically send the fraudsters to weaker businesses which are easier targets.”
What SMBs also need to realize is, once larger retailers are EMV compliant, fraudsters will shift their sights to hitting the next easiest target—those businesses that still rely on magnetic strip credit cards for their payments. Perhaps finding the budget to make the switch is worth it. Or at least SMBs should talk with their current POS vendor about options for updating. Being prepared couldn’t hurt.