Fraud Control: Is Your ATM and POS EMV Ready?

atm emv deadline liability shift

What Is This Fuss About EMV?

EMV (Europay, Mastercard, Visa) payment technology is the new worldwide standard in providing secure monetary transactions and has seen increased usage over the years. The United States has long been a curious exception to this trend, though the technology’s arrival has been heralded on U.S. shores for years now. However, within the past few months the effects and consequences of this technological shift began to affect all venues and merchants in a very direct way. Ever since the credit card point of sales liability shift in 2015, upgrades to EMV compliant ATM systems have become extremely pertinent, if not absolutely imperative, as the threats of penalization and/or data breaches become more real as time passes.

Understanding EMV Technology

EMV technologies present several tangible benefits to both merchants and customers. Beyond the scope of older magstripe card data, this new security approach makes use of microprocessor chips embedded in the newest generation of credit cards. Not only do these microprocessor chips make newer cards nearly-impossible to economically counterfeit, they also enable substantial security measures when used with EMV-compliant terminal slots. In addition to utilizing private PIN numbers to protect stolen cards, EMV cards use an encrypted 2-factor authentication process, including a unique code generated for every transaction to protect against point-of-service breaches and transaction duplications. Aside from the embedded chip, there is little physical difference between EMV and older credit cards, as EMV cards still possess the traditional magstripe (for now), and are physically identical to older cards in every way.

So What Does This Mean For You?

Card issuers are also pushing for a shift towards universal EMV accessibility by shifting liability towards merchants and ATM owners whose EMV non-compliance creates opportunity for criminal breaches. Beginning in October 1, 2016, Mastercard is no longer liable for counterfeit and fraud stemming from the absence of EMV terminals, in both domestic and international ATM transactions. The various liability scenarios are as follows: if a guest were to use an older magstripe card at a magstripe ATM terminal, then the ATM owner is usually not liable for any ensuing criminal activity. If, however, the guest was to use a chip-enabled card at a non EMV compliant ATM terminal, the ATM owner will be held responsible for any transactions, as a result of not having upgraded their ATM terminals. Finally, if a chipped card is inserted into an EMV-enabled ATM, the card issuer will bear liability rather than the merchant.

How to Prepare

Some might say that you are in no immediate financial danger if you choose not to integrate EMV technology into your POS (point of sales) and ATM fleet, but in reality, the threat is ever-present. The entertainment and hospitality industry, even more so than others, is an attractive target for data breaches, and a single incident may bring irreparable harm to an establishment’s reputation and financial standing. Consequently, it is best to analyze payment and ATM transaction systems sooner rather than later for EMV-compliant upgrades. With proper planning and strategy, merchants can provide their customers with the best experience by stopping fraud before it starts.