The process of paying with a credit or debit card in the United States is changing. The U.S. is moving to the use of chip cards based on the rest of the world’s standards. This global system called EMV (Europay, MasterCard, Visa), is already implemented in 3.5 billion payment cards in more than 80 countries worldwide, many for over a decade.
The Chips in EMV cards contain secure computer chips that validate the authenticity of the card and include a one-time security code in every transaction, making chip payment data virtually impossible to use for counterfeit card fraud.
Currently, almost half of the world’s credit card fraud happens in the U.S. where magnetic strip technology is the standard. Outside the U.S., an estimated 40 percent of the world’s cards and 70 percent of the terminals already use EMV technology. These countries are reporting significantly lower counterfeit fraud levels with EMV cards than with the magnetic strip cards.
Examples of Success
Card fraud losses in the United Kingdom stood at $102.3 million GBP in 2013, less than half of
what they were ($274.1 million) in 2004, according to the UK Cards Association. Losses at U.K. retailers have fallen by 67 percent since 2004; lost and stolen card fraud fell by 58 percent between 2004 and 2009.
Canada’s conversion to EMV-ready POS technology reported in mid-2014 that the nation had already seen marked reductions in card fraud losses as a result of the ongoing transition to an EMV platform. Such losses plummeted from a high of $142 million (CAD) in 2009 to a record low of $29.5 million in 2013.
How does it work?
Traditional magnetic strip cards are easily hacked, while chip technology provides dynamic authentication. This method requires a card to be inserted into the machine (not swiped), the chip and the POS device together determine authenticity.
Cards must be inserted into the terminals chip reader slot face up with the chip first. The card must then stay in the card reader for the duration of the transaction (5-10 seconds) which ends with the screen notifying the card can be removed and a receipt being printed. If the card is removed before the end of the transaction, the payment will not be processed.
What will it help?
The move to EMV chip card payment in the U.S. is driven by the desire to reduce the incidence of card fraud in card-present transactions, provide global interoperability, and enable safer transactions across contact and contactless channels.
According to the EMV Migration Forum, by the end of 2015 a total of 50 percent of all cards issued in the U.S. (600 million cards) will be chip cards and 60 percent of all point-of-sale (POS) terminals in the U.S. (7 million terminals) will be enabled to accept chip cards.
What’s at Risk? Your business!
Currently, card issuers bear the risk when a card-present transaction is counterfeit. Beginning in October 2015, , MasterCard will exempt merchants from 100 percent of account data compromise penalties only if at least 95 percent of MasterCard transactions that originate in their stores are handled on EMV-compliant POS terminals.
Visa will hold “the party that is the cause of a chip card transaction not occurring” (e.g., a
merchant whose terminals are not EMV-compliant) liable for any resulting card-present counterfeit fraud losses.
If a merchant accepts a magnetic strip card that was counterfeited, that also has a Chip, and the merchant does not have a terminal that can read the Chip on that card, the merchant may be liable for the fraudulent transaction. This can mean fines, fees, liability to the card holder for losses, replacement of original card, investigation expenses, and legal fees to address these probable circumstances.
How to Limit the Risk of Fraud?
The Association of Certified Fraud Examiners (ACFE) estimates that the typical organization loses 5 percent of its revenues to fraud each year. EMV equipment can be a big part of the processes and systems that protect your practice from employee and patient fraud.
Due to the increasing number of credit card breaches where millions of credit card numbers and associated data have been stolen, the industry has forced small businesses nationwide to adhere to PCI (Payment Card Industry) Security Requirements. Supported by the PCI Security Council, the ultimate goal of EMV Chip cards is to stop and prevent further fraudulent activity.
Impact of EMV on Healthcare Providers
Most healthcare providers have seen a dramatic increase in the number of patients paying with a payment card at the time of service. They have also seen a significant increase in the dollar amount of those transactions. These increases are caused by a steady rise in high deductible insurance plans and improvement in the tools used to estimate payment amounts and perform real-time adjudication.
For healthcare providers and healthcare systems, the changes in payment type and amount increase the threat of fraudulent and counterfeit card transactions. By understanding and implementing an EMV-capable payment process, healthcare providers can dramatically reduce the risk of fraudulent card-present payments.
Good Patient PR
Providers also need to be prepared to accept consumer payments in all forms, including EMV chip cards for in-person transactions as well as mobile and digital transactions (Apple Pay, Google Wallet). Consumers have already begun using EMV chip cards and mobile systems at many national merchants (such as Wal-Mart, Target, Home Depot, Chili’s). Given the speed at which they are adopting the new cards, consumers (patients) will expect to be able to use their EMV chip cards at healthcare providers as well.
The transition to EMV offers an excellent opportunity to boost service levels and your reputation by helping your patients understand the benefits EMV provides them. The peace of mind from knowing their data protection has been reinforced with microchip security, making it even more difficult for fraudsters to clone personal card information.
- If you have not investigated or planned for EMV Technology, contact your card processor immediately to determine your business’s specific needs.
- Implementing EMV technology does not have to be a cumbersome and time consuming project, but the best way to protect your practice from fraud and liability is to implement the new technology as soon as possible.
- If EMV technology has been implemented be sure to confirm that the chip reading capability has been enabled.
- Train your staff on the new procedures. When a patient tries to use their card, they will notice some changes, such as their credit card being held in the EMV reading slot throughout the entire transaction process. This may be new, but they will learn quickly.
- Realize that an ounce of prevention is worth a pound of cure… don’t risk it, upgrade!
Written and compiled by Ken Givens with U.S. Merchant Payment Solutions. Mr. Givens is a 23 year veteran of the payment industry and teaches Continuing Education Credit classes to CPA’s, CFO’s, Non Profits, Medical/Dental Clinics, and businesses of all sizes. His courses include Safe Card and Cash Handling, PCI DSS Security, Understanding Visa/MasterCard Rates & Fees, and Customer/Patient Fraud Prevention. He can be reached at KenGivens@USMSTexas.com, www.CardProcessingInfo.com, 888-995-3995 / 512-535-2255.
- American Dental Association
- New Jersey Dental Association
- California Dental Association
- Bright Dental
- American Express
- EMV Migration Forum
- Smart Card Alliance
Copyright 2015, U.S. Merchant Payment Solutions LLC