In just four short months, retail merchants in the United States who accept current payment cards, which are based on magnetic stripe technology, will have to start accepting the new Europay, MasterCard and Visa (EMV), or Chip and PIN cards, or face fraud liability issues.
While many merchants are already purchasing the new terminals, most are not currently online and accepting the new cards despite the short timeframe to meet the merchant liability shift.
Here is a short check list to help merchants adapt to the new readers:
- Dont assume the new Chip and PIN terminals will "take care" of your PCI needs. The requirements are still the same as existing payment cards
- Check that your system supports Chip and PIN cards
- Consult your Qualified Security Assessor (QSA) to ensure your system changes remain compliant
- Check that your EMV migration dates are in line with the key compliance deadlines
- Develop a training program for your personnel to ensure they understand the changes in processes around the new EMV payment cards
Sword & Shield Director of PCI/EI3PA Services John Harmon says the new Chip and PIN technology requirements are supported in the current PCI standards offering merchants a layered approach for secure payment card transactions.
The EMV chip offers an additional layer of security at the point-of-sale by requiring a PIN to be entered at the time of the transactions, however many systems currently only require a signature.
"When you're upgrading to EMV systems, employing point-to-point encryption (P2PE) at the same time is an excellent way to increase security and reduce the complexity of the PCI assessment," Harmon said.
Sword & Shield Security Analyst Eric Walker walks you through information about the upcoming Oct. 1 deadline for retailers to adopt EMV (Chip and PIN) credit card technology and answers whether this technology will help reduce the number of point-of-sale attacks on brick and mortar retailers.
Visit our White Papers
section to download the paper.
Sword & Shield is the highest ranked Tennessee company on this years CRN Solutions Provider 500
(SP500) list, making this the ninth year in a row the IT security and compliance company has appeared on the prestigious lineup.
The annual list recognizes the top revenue-generating technology integrators, managed service providers and IT consultants in North America. Solution providers are ranked based on revenue, determined by product and services sales during 2014.Read more