EMV - Coming to Your Wallet in 2015
- Jun 24, 2013
EMV is moving us from magnetic stripe cards to more intelligent devices such as integrated circuit or "chip cards" that greatly reduce counterfeiting and fraud. Learn more about EMV and how this shift will impact merchants in the latest infographic from Cayan.
Click Infographic to Enlarge
For easy integration of this infographic on your website, simply copy and paste the following embed code. We do ask that if you chose to embed this infographic, or leverage the information outlined for your own work, that you include a reference link to the original source content.
Cayan has collected a variety of information about the way that EMV is moving towards new technologies that will improve the security of financial transactions.
What is EMV?
EMV, short for EuroCard, Master Card and Visa, has begun creating smart cards that are the same size and general appearance of standard credit cards, but they are generally inlaid with gold or silver contacts. There are three types of cards: ones that require contact to work, ones that work at a short range and ones that work both ways. When these cards are inserted into a reader, the reader provides power to the card's microprocessor. The microprocessor contains cryptographic keys along with algorithms that provide encryption needed for transactions, such as digital signatures. The processor also contains basic cardholder information, enabling offline transactions to take place using the card.
Merchants Must Comply
These new smart cards are already commonplace throughout Canada, Europe and Asia, with 1.5 billion of them in circulation and more than 21 million terminals enabled for their use, which representing 45 percent of cards in circulation and 76 percent of payment terminals. While EMV smart cards have increasingly become the worldwide standard for payment, the United States still lags far behind, mainly due to a lack of consumer demand and the cost of replacing existing terminals. However, by October of 2015, businesses in the United States will be required to accept them.
Along with requirements to start accepting these cards, card providers have also started mandating that merchants comply or face consequences. If merchants do not start accepting these types of cards within four years for Visa and three years for MasterCard, the merchants will be held liable for fraud.
Reducing Card Fraud
Standard credit cards have a magnetic stripe with information that does not change, so thieves can lift this data and create a fake card. On the other hand, smart cards use encoded data that changes for every transaction, making criminal activity much harder. As a result of not adopting new smart cards, the U.S. has been the number one country for credit card fraud for the last five years running. It is estimated by the Mercator Advisory Group that credit card fraud costs card issuers $2.4 billion annually.
Best Practices For Businesses
Smart cards issued by the EMV do not require a PIN or signature, although the banks issuing them may specify their use. The majority of countries that have adopted the new smart cards require a combination of the chip that exists in the card along with a PIN number for verification. This is due to the fact that the PIN provides much better fraud protection than signatures and is something that can be verified immediately, whereas a signature is something that the merchant has immediately but still relies on verification in the future.
Online and Offline Transactions
Chip based transactions can be handled online or offline.
With an online transaction, details of a transaction are sent to a card issuer for verification, providing an extra layer of security. The majority of fraud mitigation tools are online and work in real-time. Online authorizations also make chip production, key management and merchant infrastructure easier to manage.
Offline transactions are handled by sending the information from the merchant's terminal to the card's chip for verification. This is not as secure, but it is consistent with global standards and ensures that the transaction follows the standards set by the card issuer. It also allows transactions to take place in the absence of a normally required online connection.