EMV Challenges Remain for Restaurants

By Dennis Hoyt

Announced a few years ago, the Oct. 1, 2015, Europay, Mastercard and Visa (EMV) conversion date for merchants to avoid the liability shift for card fraud has still not been met by many businesses. This is the case for several reasons, including:
  • All merchants have not yet ordered their EMV-capable equipment.
  • There is a backlog for merchants that only ordered their EMV-capable equipment last fall.
  • Required certification of each merchant’s EMV process is delayed due to a backlog of requests.
  • The certification process itself can be complex (dealing with software and hardware vendors) and slow, taking a month or longer.
Some industry analysts estimate that up to 40 percent of all merchants still do not have EMV equipment in use and, in turn, are incurring many more chargebacks. On top of this, the risk of fraud has increased for those without EMV terminals, since fraudsters tend to avoid businesses that are compliant.  Adding to the cost, some card processors also charge non-EMV compliant merchants a fee.
What steps can restaurants take to reduce chargeback fraud?  First, make sure that personnel do exactly what they are supposed to do to ensure cardholders are who they say they are. Note that in certain restaurants (e.g., fine dining) where regular customers are well-known, it may be counterproductive to ask them for their ID. Generally, EMV-ready restaurants—from QSRs to fine-dining— should follow these procedures:
  • Insert chip cards in the terminal and follow the instructions.
  • If the chip card can’t be read and it needs to be swiped instead, have the clerk/server check for ID and get a signature (the merchant can still be liable, but for a less likely fraud).
  • If the chip card is declined, do NOT accept it.
  • If the clerk/server is going to manually enter card data because the customer insists on using a card that does not have a chip or a readable magstripe, then make sure they check for ID and get a signature and a card imprint, if practical (again the merchant will be liable but for a less likely fraud).
Businesses that are not EMV-ready are liable for card fraud, so they should consider checking ID for all card transactions.

Regardless of the restaurant’s position, it should also closely monitor its processor’s daily reporting for chargebacks, and make sure to quickly follow-up on them. It’s also important for merchants to ask credit card processors for help with chargeback reason codes.  Processors should be providing restaurants with this and other information on what they can do to fight fraud.   

Keep in mind, this need not be a zero sum game between the merchant and the card issuer. Restaurants and card issuers will be most effective in reducing chargeback fraud risk if they work together rather than against one another.

Dennis Hoyt is President of Hoyt Treasury Services, LLC, a BDO Alliance firm that provides treasury consulting services to companies in the retail, restaurant, grocery and e-commerce sectors, among other industries.  Dennis can be reached at DHoyt@HoytTreasury.com or 616-656-7770.
A version of this post originally appeared on the Consumer Business Compass blog, the blog of BDO’s Consumer Business practice.