Technology is consistently evolving, and fraudsters are hardly struggling to keep up. Criminals are constantly coming up with new ways to scam both merchants and consumers out of money and product. With October nearing and the impending shift to EMV payment acceptance in the U.S. just around the corner, fraudsters aren’t backing down. They, too, are shifting focus.
EMV (Europay MasterCard Visa) technology is the global standard for payment cards. The United States is the last of the developed countries to implement EMV payments and do away with the magnetic strips we have come to know. EMV cards will be issued from all major card networks throughout the country, and are expected to drastically decrease card-present point of sale fraud.
The liability shift will be indisputably huge and will affect hundreds of millions of consumers. The merchants, however, are the ones who need to be prepared. Consumers will simply use their new cards in the same way. The merchants will either need to adopt the new mechanisms and payment terminals, or they will need to be ready for battle.
It is easy to predict that those merchants who do not implement EMV processing points in their United States locations will become prominent targets for fraudsters. This was evident when the rest of the developed world made the switch and hackers began to zero in on the U.S. in response. Magstripe cards are easier to duplicate and magstripe readers are easier to manipulate. EMV is reigning supreme for a reason, and that reason is security.
Not only are merchants who refuse to progress to EMV payment processing susceptible to hackers, but they will be liable for their customers as well. The liability shift forces merchants that don’t comply to take responsibility for any financial losses that they incur, as well as that of those whose payment cards have been compromised.
The threat of security breaches and major payouts will be enough for most merchants to make the switch. While this is ideal for companies that process solely card-present payments, that’s not the case for e-commerce retailers.
EMV’s chip and pin or chip and signature technologies provide added protection from fraud because the chip itself cannot be cloned. The integrated circuit (microchip) embedded in EMV cards, encrypts the customer’s information and ensures that duplicated cards are unreadable at EMV payment terminals. This added security in point-of-sale transactions would force fraudsters online, where fraudulent and duplicated cards will not be automatically rejected.
E-commerce merchants must take added precautions to prevent being taken advantage of:
- Keep a paper trail; never rely on temporary files.
- Record any communication between your company and the customer.
- Require card security codes.
- Request additional information.
- Always get authorization and address verification.
- Consider implementing 3D Secure, tokenization, and P2PE.
- Use electronic signature pages.
Photo by Serge Bertasius Photography/FreeDigitalPhotos.net
Monica Eaton-Cardone is Co-founder and COO of Chargebacks911.com.