Retail treasury practitioners voiced their frustrations with EMV chip card acceptance at the 2017 AFP Retail Roundtable. The rollout has been anything but smooth.
The goal of EMV is obviously to reduce payments fraud at the point of sale. While it certainly works better than the mag stripe system, it is not without its flaws.
Magnus Carlsson, AFP’s manager of treasury and payments, asked the group of nearly 30 practitioners whether they would prefer to use chip and PIN over the current chip and signature model, as PIN has proven to be a more secure option. One retailer responded: “Yes, but it will never happen. Chip and signature was an opportunity for issuers to not eat fraud. They’re not interested in reducing fraud. They are interested in reducing paying for fraud.”
Further complicating the issue is the fact that current EMV terminals give customers the option to swipe the card if the chip reader doesn’t work, a process known as a fallback. Clever fraudsters have developed a practice of either inserting cards backwards into the terminal or pull cards out too fast, either of which will invalidate the transaction. After repeated rejections, cards are either swiped or have their 16-digit numbers keyed in, resulting in fraudulent transactions.
This becomes an issue for retail treasury because if a fraudster is permitted to make a purchase by swiping the mag stripe on a chip-enabled card, the liability is likely to fall on the retailer. If the retailer can prove that the card inserted in the chip reader first and it was rejected, they can get out of eating the cost—but this is virtually impossible to do. “Proving to the credit card company that it was a fallback, as opposed to you just deciding to swipe the card or punch in the 16-digit card number, is very difficult,” said the retail treasurer.
So while being EMV compliant protects merchants from liability for fraud at the point of sale, retailers have been getting burned by this common workaround. To remedy the issue, some retailers are no longer allowing cards to be swiped or keyed in. “The fraud is just too great,” said another treasurer. “We’ve taken it away because 90 percent of our brick-and-mortar chargebacks were technical fallbacks.”
Magnus Carlsson, AFP’s manager of treasury and payments, asked the group how many of them have installed EMV terminals. Nearly all of them raised their hands. However, when he asked how many of them are EMV certified, only a handful said that they were.
This is been a recurring issue; retailers have largely adopted EMV but have had major problems getting certified through their issuers and acquirers. This has been another key reason for the recent unprecedented surge in chargebacks.
Not all retailers found the certification process to be difficult. One treasurer, who referred to process of deploying EMV terminals as a “disaster”, nevertheless found certification to be fairly painless. Another, who decided to do the entire implementation and certification process at the same time, didn’t have too many issues either. “It was stressful, but far worth it,” she said.
Still, all in all, becoming certified hasn’t been easy. One reason why could have been the EMV liability shift occurring in October 2015, right before the Christmas holiday that year. Many retailers held off on implementation and especially certification because they didn’t want it to disrupt their sales during the holiday shopping season. This lead to a bottleneck at the start of the following year.
“I think their timeframe for certification was virtually impossible,” said one retailer. “It was those first two quarters in 2016 when all of us were all trying to get it done as fast as we could. So if you were ahead of the game, certification was probably easy. But otherwise, it was a traffic jam."