Print

Get the 411 on EMV with some FAQs

Download a PDF HERE

 

Q:A: What is EMV?EMV is an open-standard set of technical specifications for chip card payments and acceptance devices such as POS terminals, kiosks and ATMs.  The EMV standard was developed originally by Europay, MasterCard and Visa (Europay subsequently merged with MasterCard). Today EMVCo manages and maintains these global standards and is made up of MasterCard, Visa, American Express, JCB, Discover and UnionPay.

 

The EMV specifications apply to all payment devices and acceptance terminals to ensure they are developed to the same standard.  This provides global interoperability and a seamless shopping experience for consumers all over the world.

 

 

Basically,EMV is a global industry standard used to govern card payment technology.  Cards with chips embedded provide strong security features and other capabilities.
Q:A: Where has EMV been adopted?Over eighty countries globally already support EMV chip card payments. Canada and Mexico and many Central and Latin American, European and Asian countries have either completed or in the process of completing their migration to EMV.

 

As of December 2013 EMVCo statistics showed:

  • 2.37 billion chip payment cards are in use
  • 99.9% of terminals in Europe are chip-enabled
  • 84.7% of terminals in Canada, Latin America, and the Caribbean are chip-enabled
  • 86.3% of terminals in Africa and Middle East are chip-enabled
  • 71.7% of terminals in Asia Pacific are chip-enabled

 

Between late 2011 and early 2012, MasterCard, Visa, American Express and Discover announced their plans for moving to a chip-based payments infrastructure in the U.S. with a Fraud Liability Shift taking effect from October 1, 2015.

 

MasterCard’s focus is on security for the next generation of payments.

 

Basically,EMV is used worldwide.  The United States is the last major country to adopt the standards.

 

 

 

 

 

 

 

 

 

 

 

 

Basically,

EMV is an essential first step and provides the basic infrastructure to being able to accept secure payments from mobile devices..

 

Q:

A:

What is MasterCard’s EMV Roadmap and what does the Fraud Liability Shift mean for my business?April 2013: all Acquirers and Processors were mandated to upgrade their systems, authorization and clearing, to be fully EMV compatible.

 

October 1, 2013: MasterCard offered a phased approach to ADC (Account Data Compromise) relief for merchants in order to ensure the overall market is making progress on enabling EMV and issuers  do not bear all the risk of data breach events. This relief requires the merchant to upgrade to terminals featuring both contact and contactless transactions capability.

 

October 1, 2015: the Fraud Liability Shift date for cards and POS devices, which is aligned across all of the major payment brands.  This means that after October 1, 2015, the party, either the issuer or the merchant who does not support EMV, assumes liability for counterfeit card transactions.

 

Further MasterCard supports a liability shift for lost or stolen fraud to the party that does not support PIN as a cardholder verification method. If neither party supports PIN then only the counterfeit liability shift rules apply. This is a unique element of MasterCard’s liability shift, compared to the other payment brands.

 

It is important to note that this is not a mandate to implement, but rather a Fraud Liability Shift.

 

October 1, 2016: ATM Liability Shift date. The same liability shift extends to ATMs as for POS.

 

October 1, 2017: Liability shift date for Automatic Fuel Dispensers (AFDs) to that of the party that does not support EMV non-compliant party, extends to gas stations fuel dispensers.

 

The Fraud Liability Shift is not a mandate – meaning there is no penalty if you do not meet this date.  However, as many other merchants move to secure their payments with chip technology fraudsters may focus on those merchants that have not yet upgraded and there is a risk that you could become the target of fraud.  The decision to migrate is yours, and you must consider this with these risks in mind.

 

Basically,  MasterCard’s fraud rules provide protection to the party with the higher level of security.  For merchants, if you install EMV capable card readers with PIN support by October 1, 2015, then MasterCard will not hold you liable for fraudulent transactions – -either lost/stolen or counterfeit.

 

If you do not upgrade your terminals to the new EMV standard by October 1, 2015, then you bear the liability for potential counterfeit and lost and stolen fraudulent transactions made with a chip-enabled card.

 

The same applies to fuel dispensers at gas stations, but not until October 1, 2017.

 

 

 

 

 

 

 

 

 

 

Basically,

It is not a mandate, but it is a liability shift.  In order to protect yourself from fraud you will need to upgrade your terminals at some stage.

Q:A: What are the benefits of accepting chip payments?EMV secures the payment and reduces the opportunities for fraudsters to steal data that can be later used for counterfeit cards, as they currently can do with magnetic stripe cards.

By accepting chip payments you are providing a more secure transaction environment for your customers.  You are also ensuring that you are able to accept the next generation of payment technology, such as contactless, via smartphones, tablets, watches and any other enabled payment device.

 

Merchant terminals that are capable of processing both contact and contactless chip payments allow for secure and faster checkout experiences. This is extremely important in non-traditional payment environments, such as transit and stadium.

 

 

 

 

Basically, Chip cards are harder to clone or steal data from.

 

 

Q:A: What type of cards will Merchants accept? 

  • Contact Chip Cards:  A contact chip card communicates by making physical contact with a chip reader.  These cards are inserted into the POS device and remain there until the transaction is completed.  Contact chips are visible on the front of a card; they appear in the top left corner of a card and are usually gold of silver in color.

 

  • Contactless Payment Devices: These include cards, mobile phones and other wearable devices.  A contactless device uses RF (Radio Frequency) which requires proximity to an antenna in the reader to communicate and make a payment. (Consumers will Tap/Wave the device to make a payment).  The embedded antenna of contactless devices is not visible most of the time; however, many contactless devices will display a graphic symbol to indicate that they have contactless capability.

 

  • Hybrid Cards: These cards have both contact and contactless payment capability.  The consumer will select which method they choose to use when making their payment.
Basically, Accepting chip payments makes you more attractive to buyers because there are generally more payment options at the terminal (like mobile, tap and go, or the standard dip) and the consumer will feel confident when making payments at your store/s that it is the most secure transaction environment
Q:A: How does EMV secure transactions? The chip that is imbedded into the payment device is a mini computer that performs additional security checks and validations during a transaction.  It adds dynamic data to a transaction which makes each transaction unique.  This is unlike a magnetic stripe transaction that uses static data that never changes, making it easier to replicate.

 

Basically,EMV uses dynamic information in the transaction to secure the payment transaction.
Q:A: How is a chip card transaction different from a magnetic stripe card transaction?A contact chip card looks just like a traditional card with an embedded chip in addition to the standard magnetic stripe on the back of the card. Rather than swiping the card, the cardholder may insert the chip card into the card terminal or tap a contactless   payment device to make their payment.

 

They may have either a contact, contactless or combination of these capabilities in their payment device.

 

Contact cards – this will require the consumer to insert their card into the payment terminal.  They will verify themselves with a PIN or signature and leave the card in the device until the terminal indicates that the transaction is completed. Or alternatively they may not be required to verify themselves, which is referred to as a No Cardholder Verification Method (CVM) transaction.

 

Contactless cards and devices (such as mobile phones) – will require that cardholder tap their payment device on the terminal to complete the payment transaction.  They may be required to enter a PIN and signature for verification or they may also do a No Cardholder Verification Method transaction.

 

The way the consumers verify themselves (PIN, Signature or No CVM) is pre-determined by the issuers.

 

 

 

Basically,Cardholders now insert the card in the terminal and leave it there while the terminal authenticates the card as being real and authorizes the transaction.

 

Depending on the issuer’s choice, cardholders may either sign or enter a PIN to complete the transaction.  Depending on the dollar amount of the transaction, they may not even have to sign or enter the PIN.

 

For a mobile or contactless payment, cardholders tap their payment device to the terminal.  Again, they may need to sign, enter a PIN or do nothing depending on the issuer and the dollar amount of the transaction.

Q:A: How are chip transactions authorized?Just as for magnetic stripe cards transactions, chip transactions will be mostly authorized online.

 

This means that the transaction will be authorized by going online to the issuer host system to confirm the transaction is cleared for processing.

 

 

Basically,  Most transactions are validated directly with the card issuer to confirm the cardholder is allowed to make that transaction and has enough money or credit in the account.
Q:A: What changes do I need to make to my terminals?In order to accept EMV chip payment devices, which include cards that have contact and/or contactless chips, mobile phones and other types of devices, your POS terminal will need to be EMV capable and enabled.  You may already have a chip capable terminal which may need to be enabled or need to purchase a new EMV terminal.

 

Any terminal that you purchase is required to be certified by EMVCo, the organization that manages the global EMV standards for the interaction between the payment device and the accepting terminal.

 

Your payment processor will be able to assist you with upgrading to an EMV capable and enabled terminal.

 

Depending of the infrastructure of your payment systems it is possible that some additional software development may be required to enable a chip payment to be processed.  As this can take time, it is a good idea to reach out to your processor/s as soon as possible to minimize any potential delays.

 

Basically,  If you want to protect yourself from Counterfeit and Lost & Stolen fraud chargebacks you will need to upgrade your terminals and support PIN and other cardholder verification capabilities.  (This is optional, but strongly recommended.)

 

Your payment processor will have a variety of approved EMV enabled terminals you can choose from.

 

There may be some extra work that needs to be done to support the new terminals, so talk to your processor sooner than later.

   

 

  • All views expressed on the published articles at https://www.mastercardbiz.com are those of each of the authors, and do not in any way represent the opinions of Mastercard International Incorporated or any of its affiliates (“Mastercard”). Mastercard is not responsible of the information contained in these articles.