Helping SMBs Better Understand EMV Adoption
The October 1 EMV (Europay, MasterCard and Visa) liability shift deadline is fast approaching, and it is apparent that many small to medium size businesses (SMBs) won’t be ready with an EMV-capable payment solution. According to a research report by Software Advice, only approximately 11 percent of small businesses are prepared. Among the obstacles: lack of understanding about the value of EMV, limited solution options within budget, reluctance to invest in and implement a new system and a daunting testing and certification process that can delay software developers.
The EMV standard was developed in the 1990s in Europe, and the U.S. is the last industrialized nation to adopt it. Microprocessing chips in EMV cards help reduce card-present fraud by issuing a dynamic authentication code for each transaction, making it virtually impossible for hackers to produce counterfeit cards. This is an advantage over magnetic stripe cards, which use static data that can be stolen and fraudulently reused.
Although EMV is not a mandate, as of October 1, the liability for counterfeit transactions shifts to the least EMV-compliant party; so if an EMV card is presented but the merchant doesn’t offer the ability to process it, the merchant is responsible for the cost.
While SMBs may believe that their revenues are too small or card fraud too limited to justify upgrading to EMV-capable terminals, EMV offers several important benefits:
Greater security for customers
Fewer disputes for fraud
Decreased chargebacks due to counterfeit or stolen cards
Improved consumer confidence, as SMBs offer same secure technology as larger merchants
At the same time, costs of implementing EMV include hardware and software upgrades, testing and certification, and time, as well as training resources.
While the process to transition to EMV may seem complex, merchants can utilize multiple resources to better understand and implement a new solution that protects them and their customers.
Certified EMV Solutions
An EMV-capable system must include EMV Level1- and Level 2-certified hardware and software. Level 1 certification comprises the physical interface between the card-accepting terminal and the EMV card, and Level 2 addresses the software interface between the card to the terminal; both are the responsibility of the hardware manufacturer.
Level 3 (L3) certification tests each unique EMV path to the network – the hardware+ software+processor combination. The POS developer must certify each terminal to each credit card brand (Visa, MasterCard, American Express and Discover), which individually have different tests for each transaction path. Understandably, just one L3 certification can take months to complete, as the process is lengthy, expensive and currently backlogged by so many parties vying to certify their software.
Simplifying the Process
The good news is that in November 2014, EMVCo released a new Brand-Aligned Terminal Integration Testing Framework, which unifies methodologies as a way to expedite the certification process. While the new framework can be adopted for manual or automated testing, processers who have an automated system can maximize efficiency and offer a greater number of EMV-capable solutions to merchants more quickly.
In addition, the Payments Security Task Force, the PCI Security Standards Council and the EMV Migration Forum recently announced a new education and pre-qualification program for VARs and ISVs to accelerate EMV testing and certification for their POS systems in order to more efficiently serve their customers.
Experienced processors that have implemented EMV in other countries, as well as processors that are designated as certified agents of one or more card networks, are better positioned to condense the testing and certifying process and simplify implementation for POS developers.
Merchants should consult with their Independent Software Vendor (ISV) and/or processor to determine which solution best meets their needs, including pricing, training, support and timeline. Processors can also assist businesses with suggestions for staff training that help address potential customer questions regarding using the chip reader.
While businesses vet EMV-capable solutions, they should also consider incorporating other payment security features like end-to-end encryption and tokenization into their new system. Also, this is an opportunity to upgrade to terminals that accept contactless payments, such as Apple Pay®.
Another resource for SMBs is the Retail Solution Providers Association (RSPA), the industry organization for POS technology, which offers various EMV guides on its website at www.gorspa.org.
While the complete transition may take years in the U.S., it is critical for SMBs to adopt EMV to reduce card present fraud.
About Infinite Peripherals
The first company to mobilize iOS for enterprise, Infinite Peripherals, Inc. (IPC) is leading the mobility revolution with its enterprise mobility devices, including the Linea Pro® and Infinea Tab®, which multiple major retailers in the United States have adopted to
enhance customer engagement, increase conversion rates and build business. For more information, please visit www.ipcprint.com. Connect with us at www.facebook.com/infiniteperipheralsinc and www.twitter.com/infiniteperiph.
Other articles relevant to the same topic:
Follow us on Facebook – https://www.facebook.com/ThePOSNews
Follow us on Twitter – https://www.twitter.com/ThePOSNews