Don't Let EMV Chargebacks Cut into Your Profits

Wednesday, February 03, 2016

With EMV in full swing in the U.S., chargebacks have been on the rise—especially for restaurateurs. Following a successful co-hosted webinar with National Restaurant Association on the basics of chargeback management and best practices last month, we discovered a second installment was in high demand.

The webinar took a deeper dive into the rules of EMV and chargebacks and what you can do to avoid them. If you weren’t able to join us for the presentation, we’ve summarized the high points here to help you better understand chargebacks and the liability shift.

Why EMV, Why Now?

Protecting yourself against counterfeit fraud is one of the main benefits to implement EMV because it’s virtually impossible to recreate the chip. The October 1, 2015 shift has caused some serious headaches, but the ultimate goal is to fix the payment ecosystem by heightening card security. There is, however, a glitch—if your equipment isn’t EMV-compatible, then use of a fraudulent EMV card can go undetected.

Here’s how it works: Fraudsters take the magnetic stripe information from a stolen EMV card and create a non-EMV forgery. However, the magnetic stripe information still identifies the card as EMV. If one of these forged cards is presented and swiped on an EMV-enabled terminal, the magnetic stripe data tells the terminal that this is an EMV card and notifies the cashier to dip the card in the EMV slot. The cashier would then attempt to dip the card and notice the absence of the chip. Fraud averted. With an EMV reader, fraud is virtually impossible unless your terminal tells you to override and swipe—which would then put the liability on the issuing bank.

EMV cards also decrease the chance of a data breach before hackers can get into your system and steal card information to make fraudulent cards. Chip cards store data in a more sophisticated, secure way than the magnetic stripe. If a hacker broke into your business’s EMV-enabled system, they would only obtain an encrypted version of the data—completely useless to fraudsters. The U.S. was the last developed country to adopt EMV. But the alarming rise of fraud in this country made implementation essential. Other countries have seen a decrease in fraud since EMV’s arrival.

Disputes—What’s Different After October 1, 2015?

EMV has designated dispute codes. The kind of fraud that EMV solves has always existed, but most merchants weren’t aware because it was the responsibility of the card issuer. Now the party with the least secure technology is liable, so merchants are seeing more of these codes on their chargeback statements. If a merchant doesn’t have a working EMV reader, then they can’t dispute a chargeback that appears under this code—even if the merchant has evidence the customer was present.

Another issue is “friendly fraud”—also called chargeback fraud. In this instance, customers fraudulently use the chargeback process to secure a refund. Consumers illegitimately dispute a transaction with the bank instead of contacting the merchant for a refund. In short, there’s nothing “friendly” about this type of fraud.

In addition, friendly fraud is very difficult to prove. A few ways to protect your business include requiring a signature for goods delivered to your customers, asking for the credit card verification code or creating/participating in a blacklist database that tracks customers frequently getting refunds on purchases.

Chargeback Trends

The tidal wave of chargebacks has been occurring across all types of markets and states, but there are a few industries and regions that have been the hardest hit since the liability shift.

Top Merchant Categories:

  • Petroleum/inside sales
  • Restaurants/bars
  • Quick Service/vending

High Risk Areas:

  • TX, NY, CA, FL, IL, NJ
  • Large cities/populated areas
  • College towns
  • Foreign cards/border areas

There are some common fraudulent activities you should be looking out for when an EMV card is used. If you notice the same individual is using multiple cards, that should be a red flag. Keep your eye out for large orders. Many times, if fraudsters are going to steal, they want to get the most value they can with one purchase. Another common type of fraud is presenting gift cards that are actually EMV cards. Fraudsters are stealing numbers and instead of making magnetic stripe credit cards, they’re making gift cards. In essence, the sooner you can process EMV cards, the better protected your business will be.

Best Practices If You Don’t Have EMV

If you decided not to update your equipment, there are some best practices and ways to identify counterfeit cards. Make sure the receipt matches the card and verify the last four digits, expiration date and name. Also, compare the signature and facial features to the cardholder’s ID. To learn more about ways to spot a counterfeit card, click here.

Bottom line: The safest bet to protect yourself from chargebacks is to upgrade to EMV. If you do have an EMV terminal, always process chip cards as chip transactions and swipe non-chip cards. If a card is declined, ask for another form of payment—do not re-swipe or override.

What Heartland Does to Protect and Warn You About Chargebacks

  • Makes sure that reported cards are closed
  • Monitors for issuer/customer abuse and looks for patterns
  • Monitors for incomplete or incorrect disputes
Visit Heartland’s EMV page if you’re still on the fence about upgrading your equipment. If you would like to watch the entire webinar, click here.