Is Your Bank Ready for EMV?
With card-present fraud liability shift right around the corner in October, it’s important for everyone to understand how these changes affect them as well as the other changes that EMV brings to the financial world.
Largely this breaks down into two types of fraud that EMV is designed to mitigate: counterfeit cards and lost or stolen cards.
Compromised magnetic-stripe cards are used to create counterfeit cards used for card-present/in-person point-of-sale transactions. This affects banks because if the card fraud is the result of the card issuer having not yet issued an EMV-chip-compliant card, then the fraud liability and expense still resides with the issuing bank. However if an EMV-compliant card is used and the merchant is unable to accept an EMV transaction, meaning the payment must default to using the mag-stripe, then the merchant is liable for the fraud expense after October.
Unfortunately few issuers are opting to issue EMV-chip compliant cards that require PINs, rather than signatures, for authorization at the point of sale to mitigate lost-and-stolen card fraud. If there is no PIN associated with the card, then the issuing bank maintains or retains the liability, as they always have. The only time it may shift is if the issuer’s card is PIN-preferring and the merchant doesn’t accept PIN.
There are some differences between card brands. Unlike the others, VISA has chosen to maintain issuer liability no matter where the fault may lie due to their blanket lost and stolen card policy.
The move toward EMV cards is a step forward for anyone who cares about financial information security. If you’d like to learn more about how ITPAC can help your bank protect your customers’ valuable financial information, visit itpacconsulting.com or give us a call today.