EMV, the chip card payment standard developed by Europay, Mastercard and Visa, has been mandated for merchants in the United States as of Oct. 1, 2015. Any retailers not adhering to EMV compliance after this date have payment liabilities shifted on to them in the event of fraudulent transactions. With credit card fraud costing companies $5.5 billion worldwide, being held liable for fraud would be destructive for retailers’ bottom lines. While only 0.12 percent of transactions in the U.S. use EMV, 32 percent of global transactions are handled with EMV.
EMV reduces fraud generated from counterfeit credit cards, as these cards don’t have the necessary chip to approve the transaction. Some EMV cards, such as those used in the United Kingdom, have an associated PIN that must be used along with the smart chip. If both of these factors aren’t in place, the transaction cannot be authorized. The U.S. implementation of EMV does not currently require the PIN, instead allowing customers to sign for purchases. However, a majority of credit card fraud takes place with counterfeit credit cards, so EMV implementation cuts down on this security concern.
EMV does not negate all security issues associated with credit card fraud and data breaches. It cuts down on counterfeit card and unauthorized card usage, which helps protect consumers and credit card companies. Retailers can still be vulnerable as it does not automatically protect sensitive data from being transmitted from a retailer POS to payment processing. This is where point-to-point encryption, or P2PE, and tokenization pick up the data security slack. P2PE encrypts the information at the swipe on the POS, and tokenization adds security by translating that data from sensitive information to a unique ID that keeps the original information safe from breaches. By combining these security measures into a POS, the retail business introduces a security triple threat that handles major credit card vulnerabilities without compromising the customer experience.
A modern POS system offering PCI compliance allows retail businesses to seamlessly implement EMV compliance into their infrastructure, as well as support for P2PE, tokenization, and other security measures.