Last October, banks stopped paying for fraudulent purchases made at retailers lacking terminals to read newly rolled out, microchip embedded EMV credit cards (The EMV stands for the three primary drivers for the new technology, Europay, Mastercard and Visa). Called the liability transfer, this policy means that stores assume responsibility for unauthorized charges that are made on terminals without the certified technology to read the new cards.
While microchip enabled cards, which have been available in Europe for more than a decade, are more secure than traditional magnetic stripe cards, their implementation has been met with confusion, frustration, and litigation.
Certifiable? B&R Supermarkets vs. EMV
The major contention thus far has to do with certifying the new terminals. In order to avoid liability for fraudulent purchases, retailers must have their new EMV terminals certified by third parties such as First Data and Vantiv. The delay in certification—months-long in some cases—has, particularly for mid-sized businesses, been crippling. With each passing month since the October liability shift, retailers and grocers lose thousands of dollars. B&R supermarkets, which recently sued the EMV consortium under anti-trust laws, estimates it has spent over $10,000 per month in fraudulent charges since October.
At issue, according to B&R: the same card companies who stand to profit by transferring fraud liability to retailers without certified terminals also own or are affiliated with the companies charged with performing the certification. Payment processors counter that there is no conflict of interest, that vendors delayed installing the new technology to avoid long lines during the last holiday season, and are now stuck in a backlog of procrastinators; however, similar delays have been reported across the country, cases where the terminals were purchased well before the deadline and have yet to be certified. While this does not necessarily suggest collusion, the delay has been troubling.
“What you have is a massively unfair and intentional Catch 22, where the very people who benefit from making these merchants pay under the liability shift are the people who imposed it and now control when, if ever, the merchants can get out of under it,” charged one lawyerrepresenting B&R.
Your 5 Cents? Wal-Mart vs. Visa
Whereas B&R brought suit against the entire EMV consortium, Wal-Mart’s recent suit targets only one, Visa. At dispute: Personal Identification Numbers (PINs), which Visa, unlike MasterCard and other providers, does not require customers to use with their EMV credit cards, allowing them to sign for the charge instead. According to Wal-Mart, this makes transactions unsafe; according to Visa, customers would find difficulty adjusting to both a microchip and a PIN.
While both say customer safety and convenience is at the heart of the dispute, there is quite a bit of money at stake as well. Visa charges Wal-Mart $.05 more per signature-based transaction than it does for PIN based transactions; while this may seem a paltry sum, considering the vast amount of daily transactions at Wal-Marts across the nation, well, it adds up.
A Chip on the Shoulder
Yet, it isn’t all doom and gloom on the EMV front. Since October 1, Visa reports that it has decreased fraud by 18.3% among the top five adopters of the technology and that retailers that have not implanted EMV have seen their fraud increase by about 11% over that same time period. So, despite some hiccups, the technology is achieving its primary function, fraud reduction.
But even within these numbers there is some cause for concern, particularly as fraud is pushed from brick and mortar to digital. According to one fraud prevention analyst, “If physical card fraud is harder, online fraud becomes more attractive.” As such, CNP (Card-Not-Present) fraud is expected to reach of $7.5 billion by 2020 in the US alone. Of course, everybody could be using Apple Pay at that point anyway.
