Consider This If You Haven't Upgraded to EMV
ALEXANDRIA, Va. — Convenience store operators who have yet to upgrade their point-of-sale (POS) devices to comply with EMV standards should consider four factors before deciding whether to make the move or not, Kristi Kuehn, vice president of compliance for Heartland Payment Systems Inc., advised during a webinar hosted Thursday by c-store technology trade association Conexxus.
EMV — an acronym for Europay, MasterCard and Visa, the three companies that originally created the security standard — is intended to make it more difficult for cyberhackers to steal customers’ personal information.
EMV reached an important milestone in the United States on Oct. 1, the date of the first liability shift. Now, c-store retailers can be held financially responsible for fraudulent transactions if a customer presents an EMV chip card at the POS and the retailer only has a magnetic stripe card reader.
C-store retailers were not legally required by any government agency or credit card purveyors to make the upgrade to EMV at the POS. However, if held financially responsible for fraud, some retailers could suffer a devastating financial hit.
For those convenience store operators who have yet to make the POS upgrade, Kuehn outlined four steps they should first take:
- Monitor industry news;
- Seek education and updates from a trusted advisor. If a retailer does not know someone who fits this description, a visit to www.GoChipCard.com can help;
- Evaluate the environment, including a c-store’s location and competitive landscape; and
- Consider your budget.
Even if retailers decide to upgrade, EMV will not prevent data breaches on its own, Kuehn stressed. “EMV is best with encryption and tokenization,” she said.
Retailers also face a general public that is still confused about why they now have EMV chip cards instead of magnetic stripe cards.
“We’ve heard of stories where people have actually tried to remove the chip,” Kuehn revealed during the webinar entitled "EMV — Beyond Oct. 1 2015.”
Consumers don’t trust EMV cards and are, at times, frustrated that when making a payment, they need to leave these cards in the POS terminal longer than simply swiping and quickly removing a magnetic stripe card, she added.
Looking ahead, Kuehn wondered aloud when “the end of life” date is for magnetic stripe cards, which are relatively simple for criminals to copy and subsequently commit fraud with. Still, she doesn't think it's anytime soon.
Conexxus (formerly known as PCATS) is a nonprofit, member-driven technology organization dedicated to the development and implementation of standards, technologies innovation and advocacy for the convenience store and petroleum market.