What does EMV liability shift mean for your business?
When it comes to running your business, payment disputes are bound to happen. It’s a reality of doing business, and at the center of these disputes is who is responsible for reimbursement when a dispute occurs. But in 2015, a paradigm shift took place with the introduction of the EMV liability shift. So in this article, we’ll take a closer look at EMV chips, the EMV liability shift and what that means for a small business like yours. To start, we’ll look at EMV and EMV chip technology.
What are EMV chip cards?
To understand the shift that happened for merchants in accepting credit card payments, it’s important to understand the technology. EMV is a technology that stands for Europay, Mastercard, and Visa. This technology is now on all cards, including other card network cards like American Express and Discover. These chip cards use EMV chip technology, a security feature that makes it more difficult for thieves to steal credit card information. EMV chip-enabled card readers allow customers to insert their credit or debit cards for more secure transactions.
EMV chips contain secure algorithms that generate new authentication codes for every transaction. These codes are then sent to the issuing bank, who confirms the transaction before processing, again helping prevent credit card fraud.
This security feature is a significant advancement in credit card processing. Before EMV chips, merchants swiped the card’s magnetic stripe to process card-present transactions and get a customer’s signature, verifying that they were the cardholder and authorizing the transaction. They’d then compare the signature to the signature on the back of the credit or debit card. However, there are some security risks with this approach because many cardholders wouldn’t sign the backs of their cards. Sometimes, merchants wouldn’t check these signatures, rendering the process less effective.
To make matters worse, the magnetic stripe carried unencrypted card data that was easy to read and copy. That meant that fraudsters could use skimmers to steal card data and then rewrite old cards with that stolen data.
What’s the EMV liability shift?
Also, US consumers believed that “dipping” a card was longer and more involved than swiping, while, in fact, the transaction takes about the same amount of time. Many merchants dragged their feet about adopting the new system, arguing that customers weren’t interested and that the changeover was costly, confusing, and too complicated.
However, chip cards had been the gold standard in other countries. So to incentivize the adoption of EMV chip card acceptance, the card networks introduced the EMV liability shift.
The 2015 EMV liability shift date placed the fault of a fraudulent transaction squarely on the merchant if the merchant allows a chip card to be swiped. Before that, fraudulent transactions that occurred through no fault of the merchant were covered by the card issuers. If fraud occurs due to a credit card being swiped instead of “dipped,” the acquiring bank (who then passes it to the merchant) foots the bill for any transactions that took place. This significant shift highly incentivized businesses to upgrade their payment terminals to ensure they could start accepting EMV chip cards.
However, a few notable exceptions to the EMV liability shift included gas pumps (AFDs or Automated Fuel Dispensers) and automated teller machines (ATMs). While the original exemption date was supposed to be in 2017, the deadline for EMV compliance for these groups shifted even later to 2021.
Now that you know more about the EMV liability shift let’s look at what it means for your business.
How the EMV liability shift can affect your business
Here’s a breakdown of the fraud liability assignment under specific conditions:
- If the counterfeit is a magnetic stripe card with track data copied from a chip card and the POS terminal does not have chip-reading capability, the acquirer is liable for counterfeit card transactions.
- The issuer is liable for all other counterfeit card transactions, no matter the POS terminal capability.
- If the payment card has an EMV chip and a preference for signature verification and the POS terminal does not have chip-reading capability, then the acquirer is liable for lost or stolen card transactions.
- If the payment card has an EMV chip and a preference for PIN verification and the POS terminal does not have PIN verification enabled, the acquirer is liable for lost or stolen card transactions.
- The issuer is liable for all other lost or stolen card transactions, no matter the POS terminal capability.
- The issuer is liable for the widest range of fraudulent transactions, although these certain scenarios now shift the responsibility to the acquirer.
Of course, it’s important to remember that EMV liability only applies to in-person, card-present transactions. For online transactions, it’s important to follow best practices to ensure safe and secure transactions at your business.
As you can see, knowing the importance of the EMV liability shift can ensure you make the best decisions for your business. By following best practices of accepting payments, including accepting EMV chip cards at your business, you’re protecting your business from liability that comes from fraud and chargebacks. That’s why it’s important to ensure you have the technology your business needs so you're EMV compliant and can accept EMV chip-enabled cards.
Heartland is the point of sale, payments and payroll solution of choice for entrepreneurs that need human-centered technology to sell more, keep customers coming back and spend less time in the back office. Nearly 1,000,000 businesses trust us to guide them through market changes and technology challenges, so they can stay competitive and focus on building remarkable businesses instead of managing the daily grind.