What Happens If I Don't Update My Credit Card Readers to be EMV Chip-Enabled?
Since the deadline to update credit card machines to be compatible with EMV chip cards passed on October 1, 2015, you likely realize there is no penalty for failing to comply.
However, that does not mean that failure to make the switch comes without consequences. The shift occurred as a way to fight credit card fraud, and banks issued millions of new debit and credit cards as part of this effort. Merchants who refuse to switch to compatible credit card machines now assume liability for purchases made using counterfeit credit cards.
Get Free Credit Card Reader Price Quotes
What Does EMV Mean?
The acronym EMV stands for Europay, MasterCard, and Visa, the three originators of this new technology. Since then, American Express, Discover, and UnionPay joined these fraud prevention efforts. The result is that these six main providers include these microchips in their cards.
Previously, card information was contained in the magnetic strip on the back of a credit or debit card. The customer swipes the cards, the machine reads the strip, and the purchase goes through. The information never changes, making it a simple matter for hackers and thieves to steal this information or create counterfeit cards. The chips inside an EMV card are tiny computers. Each transaction creates a unique code, making them useless for hackers, since the codes work only one time, and are not tied to a particular card.
European countries began using this technology years ago, and saw a dramatic reduction in credit card fraud. Add that success to the United State's dubious distinction of being the home to nearly half of all credit card fraud, and it's no surprise that U.S. companies joined the EMV chip revolution.
Not only do the unique codes generated with each transaction work one time only, the chips themselves are nearly impossible to counterfeit, since each represents a microprocessor. The information is harder to steal, which protects consumers, and the card itself is more difficult to counterfeit, protecting providers.
Do I have to Update Your Card Readers to Use EMV?
The short answer is no, you do not have to update your credit card readers. For now, cards will still include the magnetic stripe the old system uses, so the old machines still work. The cost to the merchant that chooses not to upgrade is one of liability.
In the old system, banks and other card issuers assumed financial responsibility for purchases made with counterfeit credit cards. With the advent of the EMV chip cards, they no longer assume this responsibility. This means that, any fraudulent purchases made are the responsibility of the merchant accepting payment, not the bank.
The thinking behind this is that the banks did their part to fight fraud by replacing millions of magnetic stripe cards with the new technology, at the cost of $3.50 per card. Fighting fraud takes banks and merchants working together.
Another point in favor of making the switch despite there being no legal compunction is the increased vulnerability of fraud for businesses that experienced little of it in the past. Large companies, such as Wal-Mart and Kroger, made the switch years before the deadline. Criminals using fraudulent cards now must go to businesses without the chip-reading capabilities. No protection from the banks on these "purchases" means that the small business owner eats these costs.
Liability Timeline for Change
In the U.S., the EMV chip process happened in stages, as did the banks' shifting of liability for fraudulent purchases.
The first rollout date occurred on April 19, 2013, when Maestro shifted liability on its international chip cards used in the United States. On October 15, 2015, POS terminals accepting Visa, MasterCard, American Express, and Discover became liable for fraudulent purchases. This date was also the date most credit card companies and banks issued chip cards to their cardholders.
MasterCard shifts its ATM liability on October 1, 2016. A year later, on October 1, 2017, pay-at-the-pump gas stations assume liability for purchases made with Visa, MasterCard, American Express, and Discover. In addition, Visa and American Express liability goes into effect at ATMs.
Is there a Mandatory Deadline?
Again, no. Many smaller businesses, such as coffee shops, family-owned restaurants, and local retailers typically do not worry as much about fraud, and may choose to make the change to the new readers at whatever time they planned to upgrade or change their current magnetic stripe system. Only the individual business owner knows whether the loss of fraud protection is worth the cost of an upgrade (around $200 if you're simply switching to a straight machine, but higher if your POS system includes lots of bells and whistles).
Talk to your current payment processing team to determine the full cost.