EMV Challenges Remain for Retailers

Announced a few years ago, the October 1, 2015 Europay, Mastercard and Visa (EMV) conversion date for retailers to avoid the liability shift for card fraud has still not been met by many storefront merchants. This is the case for several reasons, including:
  • All merchants have not yet ordered their EMV-capable equipment.
  • There is a backlog for merchants that only ordered their EMV-capable equipment last fall.
  • Required certification of each merchant’s EMV process is delayed due to a backlog of requests.
  • The certification process itself can be complex (dealing with software and hardware vendors) and slow, taking a month or longer.
Some industry analysts estimate that up to 40% of all merchants still do not have EMV equipment in use, and in turn are incurring many more chargebacks. This is in contrast with the 76% of CFOs from the largest retailers who said they completed their EMV transition in BDO’s 2016 Retail Compass Survey of CFOs. This discrepancy indicates that middle-market and smaller retailers may be facing more challenges with EMV compliance than their larger counterparts. On top of this, the risk of fraud has increased for merchants without EMV terminals, since fraudsters tend to avoid businesses that are compliant.  Adding to the cost, some card processors also charge non-EMV compliant retailers a fee.

What steps can retailers take to reduce chargeback fraud?  First, make sure that store personnel do exactly what they are supposed to do to ensure the cardholder is who they say they are. EMV-ready retailers should follow these procedures:
  • Insert chip cards in the terminal and follow the instructions.
  • If the chip card can’t be read and the customer needs to swipe their card instead, make sure the clerk checks for ID, and gets a signature (the merchant can still be liable, but for a less common fraud).
  • If the chip card is declined, do NOT accept it.
  • If the clerk is going to manually enter card data because the customer does not have a chip card, and the magstripe cannot be read, make sure they check for ID and get a signature and card imprint (again the merchant will be liable but for a less common fraud).
Retailers that are not EMV-ready are liable for card fraud, so they should consider checking ID for all card transactions.

Regardless of the retailer’s position, they should also closely monitor their processor’s daily reporting for chargebacks, and make sure to quickly follow-up on them. It’s also important for merchants to ask credit card processors for help with chargeback reason codes.  The processors should be providing retailers with this and other information on what they can do to fight fraud.

Keep in mind, this need not be a zero sum game between the retailer and the card issuer. Retailers and card issuers will be most effective in reducing chargeback fraud risk if they work together rather than against one another.