A little more than five months ago, businesses across the U.S. faced a deadline that changed their point-of-sale process. The introduction of upgraded EMV-compliant payment terminals meant liability for fraudulent charges shifted to noncompliant retailers.
However, warnings of the impending change motivated only about 20 percent of businesses to upgrade their payment terminals, Fast Company reported. This came to a total of 766,000 merchants that accepted EMV cards at the end of 2015.
The switch of liability was meant to encourage merchants to take advantage of a more secure payment method: the chip. This small addition to new credit cards transmits credit card information to merchants in a different way than the traditional magnetic strip most people are familiar with. The data transmitted through the chip can’t be duplicated in the aftermath of a data breach. This is key, because it deters fraudsters’ efforts to gain unauthorized access to other people’s finances.
Fraud still a concern
The slow adoption rate has had some consequences, though, and they go beyond the business’s responsibility for data breaches. While fraudsters continue to steal data, they are now refocusing their efforts to merchants that have not made the switch.
Another result of the EMV switch has been the way fraudsters search for ways to obtain information.Online fraud has increased since the switch, according to research from PYMNTS. This is coming at the same time that online spending has increased 15 percent, giving thieves more opportunities to steal information.
Card services to combat fraud
While fraud continues to be a concern for consumers and merchants everywhere, there are evolving technologies that can help to protect businesses and shoppers. Using systems that control how or where a card is used can help to reduce theft. For instance, some credit unions offer the ability to set up a card so it is only able to be used in the presence of a particular cellphone.
“If you’re using your card in Florida, and your phone is in New York, for example, that might look like a much more suspicious transaction than if both you and your phone are in New Orleans,” explained Stephanie Ericksen, Visa’s vice president of risk products.
Implementing these assets in cards has the ability to reduce fraud by 60 percent, as seen in Member Access Pacific’s CardControl services.
Additional authorization requirements can also improve security, such as a PIN entered to complete a purchase. However, even a PIN can be stolen.
A trend that addresses both the security benefits of another layer of protection a PIN offers as well as the code’s susceptibility to theft is biometrics, namely for authorization during mobile payments.
Reduced risk in mobile
Mobile payments has been gaining in popularity, though it has been slow going. As more people adopt mobile wallets, they may feel more secure in their transactions – PYMNTS noted mobile is widely regarded as the most secure form of payment.
Mobile payments often offer that second layer of protection some EMV transactions don’t require, whether it be through a fingerprint, a facial scan or other authorization method. They also encrypt the payment information through tokenization, which is inaccessible to hackers, CUToday.info reported.
“From a security standpoint, tokenization is utilized in most digital wallets, which allows a cardholder’s token to be suspended or burned in case of a device compromise without reissuance of a card,” explained Melissa Santora, the product strategist of card services at the Wisconsin-based financial services technology company Fiserv. “As consumers slowly move to mobile payments, the education of tokenization and the benefits of its security will follow.”
EMV terminals are typically equipped with near-field communication technology. Because of this, if a merchant enables both the EMV reader as well as the NFC capabilities, consumers have the option to choose how they want to pay. Many may opt to take out their mobile wallets rather than the physical ones in their pockets and purses.