By Suzanne Coleman
Chief Technology Officer
December 4, 2014
There has been a lot of discussion in the media about EMV, or chip-card technology. Generally, the information available to consumers is minimal, and really doesn’t provide much insight into what a chip card is or how this new technology affects them. For merchants and software developers, much of the information available is too technical or detailed to be useful.
Intrix has developed a paper intended to address these information gaps. The Intrix paper on EMV explains the terminology (EMV, Chip and Signature, Chip and Pin). It also explains, in easy to understand language, how the chip card is used in the retail environment, what the consumer will experience, what the merchant will experience, and what application developers need to know.
Excerpts from the paper:
There are many terms being used in relation to the topic, but they all boil down to use of a credit card that has a circuit chip embedded in it. This chip is called an Integrated Circuit Chip, hence the term “ICC”. This technology was developed via a joint effort between EuroCard, MasterCard and Visa, hence the term “EMV”. Cards with this chip will perform some authentication of the person presenting the card before an actual authorization request occurs. Cardholder authentication may include the use of a PIN, hence the term “Chip And Pin”. The PIN is not always applicable; sometimes a signature is used, hence the term “Chip And Signature”. They all boil down to the use of cards with an embedded chip, with that card being inserted into a card reader device.
There are a number of key factors of which merchants should be aware.
Effective October, 2015, the rules of who accepts the risk for fraudulent retail transactions will change to be the same as the rules for eCommerce and Mail Order Phone Order (MOTO) if the transaction was not initiated using EMV. Currently, a retail, swiped transaction that is approved by the card issuer will be funded by that issuer if the card is found to be fraudulent. With the risk shift, that risk moves to the acquiring bank (the merchants bank) unless the merchant used an EMV terminal for the transaction. Acquirers will pass along the risk ownership to the merchant when the risk shift goes into place, so the merchants will be responsible for those fraudulent charges.
EMV is only relevant to merchants who perform card-present transactions, it does not apply to eCommerce.
Merchants using Point Of Sale systems or other software need to check with their software providers to determine when their systems will be ready to support EMV, and what equipment those software vendors have implemented.