Traditional credit and debit cards are prime targets for the bad guys because the data they store does not change. Such is not the case with smart chip cards. The data held in the chip is constantly in flux, changing each time the card is used. “The technology is used to prevent card skimming,” says Joseph Smutz, Sage Payment Solutions’ director of product integration. “That chip – which communicates directly with the terminal during a transaction -- adds an additional layer of security.”
That’s why the move is on to EMV and why those who don’t embrace the change can be held liable for fraudulent transactions. Come October, banks and card issuers will no longer be automatically responsible if a stolen, counterfeit, or compromised card is used. Liability in card-present transactions will shift to the party employing the lowest level of EMV technology. “The concern, from a merchant’s perspective, is that they now have added liability,” Smutz says, “so it would be in their best interest to become EMV compliant.”
The lowdown on liability:
- If a merchant is using swipe and sign technology and the customer uses an EMV chipped card, the merchant is liable for fraudulent use.
- If the merchant key enters a chipped card using a retail merchant account, the merchant is liable if the customer initiates a chargeback. (We recommend that key-entered cards are processed with the MOTO merchant account - which is what the MOTO account was designed for.)
- If a merchant is using EMV technology but the customer has not been issued an EMV card, the card issuer is liable.
- If the merchant uses EMV technology in concert with a customer’s EMV card and fraud still occurs, then the card issuer is liable.