Understanding the chipped credit card deadline

Question

What should I do if I don’t have a new chipped credit card by the October 1st deadline?

Answer

This question was answered on September 23, 2015. Much of the information contained herein may have changed since posting.

Image courtesy of https://www.flickr.com/photos/cmcgphotography/The new EMV standard, which stands for ‘Europay, MasterCard, Visa’ is an important step to helping improve security for credit and debit card transactions, but it’s creating quite a bit of confusion.

 

The October 1st 2015 deadline actually only impacts physical retailers that conduct ‘card-present’ transactions and not card holders.

The only thing that changes on October 1st is the liability for fraudulent transactions switches to the ‘least EMV compliant party’.

In plain English, it means if an EMV or ‘chipped’ card is presented to a merchant that does not have an EMV terminal and the transaction turns out to be fraudulent, the liability for the transaction now falls to the merchant.

Current estimates are that only 70% of credit cards and 41% of debit cards will be EMV ready by the end of 2015, so it may take a while for you see all of your cards arrive with the chip.

For now, all EMV cards will also have a magnetic stripe which allows them to be used in the traditional manner, so you don’t have to worry about which technology is being used by the merchant.

The EMV cards will come in two flavors: Chip-and-Signature and Chip-and-PIN.

Initially, credit cards will likely be Chip-and-Signature and debit cards will be Chip-and-PIN, so you’ll end up using them the same way, except you will ‘dip’ the card instead of swiping it before either signing or entering your PIN.

When you have the choice, you should always ‘dip’ (insert your card into the chip reader at the bottom) instead of having your card swiped because it’s much harder to steal useful information during the process.

All of the big name retail hacks you heard about in the recent past occurred because hackers were able to capture all the information they needed from the magnetic swipes to create duplicate cards.

If EMV card terminals were in place during the hack, the information that the hackers were able to steal would have been pretty useless, because there isn’t any information that allows them to duplicate the card.

The October 1st deadline does not apply to ATMs or automated fuel dispensers at gas stations until 2016 and 2017 respectively, so don’t expect to see EMV terminals in those situations any time soon.

Does My Business Have to Upgrade to EMV Terminals?
If you’re a retailer with physical locations, I’d highly recommend you update your processing equipment, but you don’t have to, as long as you are comfortable with assuming the liability from fraudulent transactions.

One of the reasons the U.S. is one of the last countries to convert to the EMV standard is because the cost of conversion was higher than the cost of fraud for so long.

Dramatic increases in credit card fraud and point-of-sale data breaches has driven the industry to finally adapt this proven fraud deterrent like the rest of the world.

This could cause credit card thieves to focus on merchants that don’t adopt the EMV standards as well as online merchants as has been seen in other countries after EMV was established.

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on September 23, 2015