Getting ready for EMV
On October 1, 2015, the U.S. payment processing industry will be undergoing a sea change. Called EMV (for Europay, Mastercard, and Visa), this will forever change how credit cards are processed in this country.
Visa has an interesting synopsis that boils this down pretty succintly:
Here is some additional information that you'll find useful:
Basically, the new rules state that the liability for card-present fraud will shift to whichever party is the least EMV-compliant in a fraudulent transaction.
Let's take a look at what this means for a merchant:
If a merchant accepts a traditional mag stripe credit card in a fraudulent transaction, the merchant is generally not liable, same as today.
If a merchant accepts a chip card (EMV) in a fraudulent transaction as a swiped transaction, the liability shifts to the merchant, as the least compliant party to the transaction.
If a merchant accepts a chip card in a fruadulent transaction, using a chip enabled device, the merchant is not liable, and the burden of the fraudulent transaction falls to the issuer.
To be clear, having an EMV terminal in and of itself does NOT make you compliant. You need compliant hardware, and a compliant software application. A PDF of the data standard security from the PCI Security Council can be found here:
As a Qualified Integrator and Reseller (certified by the Payment Card Industry Security Standards Council, or PCI-SSC), I can help you navigate and help you with the right solution for your business.