 |
| Credit: Hamik/Shutterstock |
It's not news to anyone that credit card fraud and data hacks are big problems in this country. The last couple of years have been notorious for high-profile corporate breaches. In fact, just yesterday (March 19), Target agreed to pay $10 million to settle the class-action lawsuit regarding the customer information stolen during its now-famous 2013 breach.
The bad news for both businesses and consumers is that America's data security problem doesn't seem to be improving. The first quarter of 2015 has seen at least 150 confirmed breaches, according to a March 11 weekly breach report published by the Identity Theft Resource Center.
Since individual organizations can only do so much to halt cybercriminals, the government has stepped in to lead a nationwide effort to better protect consumers from fraud. In October 2014, President Obama issued an executive order to implement enhanced security measures for consumer finances. Part of this order, which is detailed in a White House fact sheet, requires payment card issuers to embed cards with more-secure EMV microchip technology by October 2015.
EMV, which stands for Europay, MasterCard and Visa, is a global credit card standard that enhances the security of in-person card transactions. EMV technology allows sensitive cardholder data to be stored in a chip, rather than in the traditional magnetic stripe found on most payment cards today. In an article on CreditCards.com, author Sienna Kossman explained that every time an EMV card is used for payment, the chip generates a unique transaction code that cannot be used again. This provides a huge advantage over traditional cards, whose magnetic stripes contain unchanging data that can be stolen and replicated over and over again by hackers. EMV cards provide an additional layer of security by requiring a PIN input instead of a signature when authenticating purchases, said Dax Dasilva, founder and CEO of point-of-sale system provider Lightspeed.
For EMV technology to work, the point-of-sale (POS) system where the card is used must be equipped to read and communicate with the microchip, said Tyler Vaughey, vice president of U.S. small merchants for American Express. Card issuers are beginning to issue chip-embedded credit and debit cards, but not all merchants have made the switch to EMV POS terminals yet. Once the industry-wide EMV policy takes effect this October, any merchant without chip-enabled systems may be held liable for any fraudulent transactions that occur, Vaughey said.
A recent American Express survey found that small businesses know how real the possibility of a breach is. Sixty-seven percent of U.S. small merchants said preventing and protecting against credit card fraud was very important to running their business, and 52 percent felt they are more vulnerable to fraud than larger companies. But this group in particular is woefully unprepared for the transition to EMV technology: Nearly half of the merchants surveyed were unaware of the fraud liability shift occurring in October, and 38 percent either haven't decided or do not plan to upgrade to EMV-enabled POS systems.
Those who do not plan to upgrade pointed to the hefty price tag (57 percent), difficult software upgrades (29 percent) and consumer education challenges (28 percent) as their main barriers to implementing EMV technology. While the switch will indeed require an up-front investment, it's more than worth it if you want to save yourself legal and financial trouble in the future.
"Switching to EMV will mean adding new in-store payment technology and internal payment- processing systems all while complying with new liability rules, but it's a crucial investment," Dasilva told Business News Daily. "As of now, if your ... systems are not updated by Oct. 15, 2015, your business ... would be required to pay to cover all fraudulent activity out-of-pocket. Small businesses often can't afford to take on this kind of liability, and being ahead of the game will make your small business appear even more trustworthy and established."
If your business does decide to upgrade to an EMV system in the near future, Dasilva advised thoroughly researching your potential vendors to make sure they have a proven record of innovation and advanced technology. The system you choose should have enough features and capabilities to adapt to both current government regulations and future market developments.
"In this day and age, payment platforms should be doing much more than accepting and processing payments," Dasilva said. "Look for a provider that's doing more for a cost that fits your small business budget."
In addition to upgrading your POS system, Vaughey emphasized the importance of staying up-to-date on the latest developments, laws and programs surrounding payment card fraud. For example, American Express recently launched a program offering a $100 reimbursement for eligible merchants who upgrade to EMV terminals. More details about this program, which runs through April 30, 2015, can be found at www.americanexpress.com/fightfraud.
Correction: An earlier version of this article indicated that the EMV fraud-liability shift was government-mandated, rather than an industry-wide policy.
No comments:
Post a Comment