The transition to EMV cards has begun and the primary reason is to make credit card transactions more secure to protect cardholder data from fraud. Lets take a closer look at this technology and what it means for D.C.s and their patients
by Tracy Schmidt in Money Management on Thursday, August 20, 2015
EMV cards are equipped with microprocessor chips that support dynamic authentication and encrypt sensitive card information. These chips offer enhanced security in three ways:
- Card authentication: EMV chips generate a unique code, or cryptogram, that is different for each transaction. Traditional credit cards store unchanging data in the magnetic stripe, so whoever accesses that data has everything he or she needs to potentially create a duplicate. This is virtually impossible with an EMV card because the stolen number would never be valid again, due to the chip authentication.
- Cardholder verification: PINs or signatures are required to verify the cardholder’s identity. Verification is used to protect against lost or stolen cards.
- Transaction authorization: There are two types of authorization processes: online and offline. With an online transaction, information — including the unique chip code — is sent to the card issuer, which either accepts or declines the transaction. In an offline transaction, the terminal uses risk parameters stored within the card’s chip to determine whether or not to accept the payment.
Credit Card Fraud
While credit card fraud has continued to rise in the United States, countries that have adopted the chip card technology have seen a decrease in card-present fraud.
Even so, when one type of fraud is locked down, another is bound to expand. An increase in card-not-present (Internet purchases, for example) fraud could be expected because online payments will not have to go through the same dynamic authentication.
A Shift in Liability
In order to streamline the migration to EMV, the card associations (Visa, MasterCard, Discover and American Express) are dictating a Fraud Liability Shift for October 1, 2015. After that date, liability for fraudulent charges will fall on the shoulders of the least compliant party. For example, if a consumer attempts to pay with an EMV card in your practice, but you, the merchant, do not have the technology to process the payment, you are liable for any fraudulent activity that arises out of the transaction.
NCMIC Finance Corporation offers merchant credit card processing and is actively assisting our D.C.s customers with the EMV transition. We invite you to contact us with any questions.