This fall marks a long overdue change for how banks, stores and cardholders will be able to approach — and ideally mitigate — the risk of credit card fraud in the U.S. On October 1, merchants will be expected to upgrade their in-store, point-of-sale (POS) terminals to new EMV-compliant machines. In the run-up to this deadline, banks have been reissuing new debit and credit cards to cardholders that come equipped with EMV chip protection to better safeguard their financial data from the threat of hackers and scammers. Upgrading POS terminals and payment card readers to accept EMV-enabled cards completes the other side of this equation. And while adopting EMV-capable equipment may not be mandatory for these stores, it is being heavily incentivized.
In the past, whenever a counterfeit credit card was used to make a purchase a store, the original card-issuing bank would be on the hook for reimbursing that merchant for any losses stemming from the credit fraud. Going forward, this will remain true — unless the store in question was using an outdated, non-EMV terminal or card reader, in which case the merchant, and not the bank, will be held liable for any fraud.
Consequently, the push for EMV — while already a standard in other parts of the world, including the United Kingdom, Canada, Australia and much of Europe — looks like a catch-22 for many merchants, particularly small businesses. On the one hand, they can try their luck with their current, non-EMV terminals and card readers, but then have to foot the bill in the event of a fraudulent credit card purchase. On the other hand, they could upgrade their POS readers to EMV-compliant machines, but that represents a new and costly investment all on its own. In fact, Javelin Strategy and Research estimates that the cost for issuing EMV-enabled cards and upgrading to EMV-enabled card readers will be a grand total of $6.8 billion.
This debate belies a potentially even more worrisome trend: that EMV may not be the grand solution to credit card fraud protection that many are hoping it will be. Because while retailers and other merchants may be protecting themselves better from in-person transaction fraud, identity thieves and credit fraudsters may just shift their efforts online to card-not-present (CNP) transactions. In fact, Javelin estimates that as EMV adoption becomes more widespread, the cost of CNP fraud will explode by a whopping 90 percent, from $10 billion in losses last year to $19 billion by 2018. And no amount of EMV terminals or card readers will protect merchants from fraudulent purchases made online.
“So, the dilemma: If a retailer shells out for new gear, the investment will do nothing to stave off fraud growing quickly online,” writes Robert Hackett for Fortune. “On the other hand, if the retailer skips the upgrade, then it could become the weakest link in the fraudster food chain, effectively painting a bull’s-eye on its back.”
However it ultimately shakes out, at the very least, EMV cards provide an extra layer of protection for American consumers worried about the rising tide of identity theft. To keep yourself even better apprised of what financial activity — both legitimate and fraudulent — is happening under your name, register with a credit monitoring services. This helpful resource can alert you in the event that signs of certain activity that may be evidence of fraud shows up on your credit files.