The time for the adoption of the new Europay, MasterCard and Visa (EMV) cards is nearly upon us and it appears as though many smaller merchants won't be ready for the Oct. 1 deadline.
Some merchants' associations say that many merchants simply do not know about the merchant liability shift
or don't know enough about the shift to make the switch to the new chip and PIN card readers. Cost and a reluctance to change are critical factors, as well.
"Because merchant service providers will not face financial liability with the upcoming shift, many have not prioritized ensuring their customers know about or have made the change," writes Suneera Madhani
, CEO and founder of the subscription-based merchant services group, Fattmerchant. "Or, if they are educating their customers on the liability shift, many MSPs are using it as a money-making gimmick by charging high markups on new equipment."
John Harmon, Sword & Shield's director of PCI and EI3PA Services, said many smaller retailers don't have the technology
to run the EMV cards. Because the chip cards still have the magnetic strip, the merchant will continue to run the transactions as though they are a swipe-only card.
Currently, when a customer uses a strip card, the card issuer, a bank or credit card company, is liable for any fraudulent purchase. However, after Oct. 1, if a customer has a chip card and the merchant doesn't have the proper card reader, the merchant must pick up the tab if fraud is involved. The banks and credit card companies will only cover the bill for chip cards used in EMV chip card readers.
Harmon warned that merchants that have not prepared for the transition to EMV need to determine if their business can survive the potential losses associated with fraudulent transactions. Some customers also may express concern for the security of their credit card if their favorite merchant does not use the new equipment.
Sword & Shield consultants are experts in mitigating risk and providing incident response
services in the event of a compromise.
Call us at 865-244-3500 or email us at firstname.lastname@example.org
to see how we can help.
Director of PCI and EI3PA John Harmon will present a Special Interest Group update to the PCI Security Standards Council's North America Community Meeting on Thursday, Oct. 1 at 10:15 a.m.
Harmon and the PCI Council's Standards Manager Jake Marcinko
will update members on Daily Logging and Monitoring, one of only two topics chosen
to be featured by the council throughout 2015. Harmon presented the topic to the PCI Council last year and has worked to develop processes that help businesses reduce the time a breach goes undetected, provided guidance to organizations in meeting the daily log monitoring requirement and helped to provide businesses of all sizes with the tools they need to review their daily logs.See More
Security threats to networks and data never end. The threat landscape is constantly changing and keeping up with new threats is a large and costly challenge.
Tighter budgets and fewer resources are also forcing many business owners to re-think their network security plans.
A Managed Security Service Provider can help your organization overcome these challenges.
Join Sword & Shield Director of Managed Security Services Brent Cantrell on Tuesday, Sept. 29 from 11 a.m. to noon as he discusses how to go from, "Zero to Fully Managed."Register here