U.S. payment card security will get a boost in 2015 with broad issuance of EMV chip cards. Yes, this includes Commercial Cards, too. To learn more, I discussed the ins and outs of EMV with Jack Jania, Senior Vice President, Strategic Alliances, Gemalto Inc., a world leader in digital security.
If you haven’t been following this topic, EMV stands for Europay-MasterCard-Visa and refers to security technology that is incorporated into cards with a smart chip. You will be hearing even more about it from your card issuer prior to the rollout of the new cards.
What EMV Does and Does Not Do
As Jack noted, EMV cards reduce cross-border fraud, point-of-sale (POS) fraud and card cloning. EMV does not shut down all fraud channels, such as online fraud, and it does not encrypt all transaction data. Because POS transactions far outnumber online transactions, the industry has been focusing its security efforts on the POS side first.
EMV Migration in the United States
October 1, 2015, is the target date for converting to EMV in the United States, which has been behind other developed countries in this regard. As an incentive for issuers and merchants, there will be a liability shift at that time. Jack explained that, if a POS terminal accepts EMV cards, but the card used for a purchase only has a magnetic stripe (“mag stripe”), then the card issuer is liable for any fraud. Conversely, if an EMV card, which will still have a mag stripe as well, is used at a non-EMV POS terminal, then the merchant is liable.
What Your Cardholders Will Experience
Because of the added chip, the card will look a bit different, but some cardholders might not even notice. For online transactions, which comprise the majority of P-Card transactions, the process will be the same. A cardholder would enter their card number, expiration, CVV, etc. For in-person transactions, an EMV card could have a PIN assigned to it, which a cardholder would need to provide at the POS. The alternative to chip-and-PIN is chip-and-signature.
For more EMV information, read the complete article based on my interview with Jack, including who incurs the cost of moving to EMV and the learning curve that might occur with your cardholders. See also a Q1 2015 blog post on EMV options.
Another payment security development to watch is tokenization, which is what Apple Pay utilizes. It is a form of encryption that prevents account information from being stolen by replacing it with a random token during the purchase process. Clearly, this will be the future of online commerce.
About the Author
Blog post author Lynn Larson, CPCP, is the founder of Recharged Education. With more than 15 years of Commercial Card experience, her mission is to make industry education readily accessible to all. Learn more…