Following the massive 2013 Holiday data breach experienced by the Target Corporation and additional breaches reported by the Neiman Marcus Group and Michaels Stores Incorporated, the public has rightfully expressed concern regarding Visa’s and MasterCard’s security. Both corporations have subsequently decided to shift card security liability for counterfeiting fraud due to point-of-sale transactions to the party, merchant, acquirer, or issuer that does not use EMV.
EMV technology supports enhanced cardholder verification methods that provide stronger transaction security versus basic magnetic strip cards and card readers. EMV Co manages and maintains the specifications for the technology’s use and continues to enhance its security features. EMV Co is owned and maintained by Visa, MasterCard, American Express, Discover, Union Pay, and JVC, so it makes sense that these credit card companies would want merchants to use their service. The issue that merchants face is the cost of switching to the use of this service, coupled with the difficulty of preparing for the change. New EMV terminals must be installed, which includes additional software, in addition to replacing old magnetic strips with the new EMV chips that are required.
Visa’s announcement to switch the U.S. to liability due to the lack of the use of EMV card technology was made back in October 2011, with the reported switch beginning in October 2015. Although this change had already been announced, the recent December 2013 data breach has caused many merchants to fear that Visa might go back on its original October deadline. On the other hand, MasterCard has firmly supported the original October deadline and made no mention of any change to their intentions. Charles Scharf, the chief executive of Visa Incorporated, has attempted to quell these rumors, even though other Visa company executives had previously alluded that there might be a bit of wiggle room on the date. Scharf has gone on record to state that the existing deadline is solid. According to transcripts provided by Seeking Alpha transcript service, in a conference call that was conducted with analysts to review the company’s results for the fiscal 2014 first quarter, Scharf stated “In 2011, we had announced a plan to migrate the U.S. to EMV technology through a liability shift beginning in October 2015 and we have reaffirmed these dates.” In response to an analyst’s question specifically about the deadline, Scharf stated, “when you see the kinds of breaches that have occurred recently, it gets everyone focused on making sure that we’re doing all that we can to minimize any potential fraud in the future. So the dates that we had set out are the dates that we are going to stick with.”
Scharf admitted that Visa realizes that a great deal of work will be required by merchants to make the change, but he sites the recent breaches in card security as a worthwhile reason for companies to put in the effort. He also addressed the misinformation regarding who is to blame for the security breaches. He stated, “I’m personally concerned about the amount of misinformation you read in the public domain, from confusion around who incurs the cost of fraud losses, to the misrepresented lack of payment-system security. This is misleading, inaccurate, and not helpful, and can have unintended public-policy consequences. We’re actively engaged with policymakers in Washington, D.C., along with our partners, to ensure that they actually hear the facts and understand the multiple layers of infrastructure that protect the payment system. Unfortunately, many merchants, issuers, and both of their lobbyists are attempting to assign blame in the press and not reacting in a particularly constructive manner, and it’s in all of our best interests that this change quickly.”
Do you need Credit Card Processing? For more information, contact us today at 818-621-4893.