Industry News
October 2015: The End of the Swipe-and-Sign Credit Card
For you small business owners that accepts credit cards, listen up!
EMV in the U.S. is coming and you need to know how it will effect your business.
EMV (Europay, MasterCard® and Visa®) chip credit cards are embedded with a microchip and require a PIN and a signature to complete the transaction process. Below is a great article describing the “Shift” in liability that will occur in October 2015 to the small business owners, the merchants.
St. Louis Restaurant, Coffee Shop, Bars and any small business owners should consider meeting with one of our consultants about your current Point of Sale System to see if we can help you be ready for this “Shift to EMV”.
We have Point of Sale Solutions that will be ready to accept EMV, like Micros Payment Gateway (below).
CONTACT US today to have one of our consultants ensure you are ready for the shift, we can help!
WALL STREET JOURNAL ARTICLE:
October 2015: The End of the Swipe-and-Sign Credit Card
By Tom Gara, Wall Street Journal
(We have corrected this article to reflect the fact that customers will still be able to sign for credit card payments after October 2015.)
It’s a payment ritual as familiar as handing over a $20 bill, and it’s soon to go extinct: prepare to say farewell to the swipe-and-sign of a credit card transaction.
Beginning later next year, you will stop swiping the credit card. Instead, you will insert your card into a slot, just like people do in much of the rest of the world, where the machine will read a microchip, not a magnetic stripe. You’ll still be signing for the time being, but the new system also enables the use of PIN numbers, if card issuers decide to add them to their cards.
The U.S. is the last major market to still use the old-fashioned swipe-and-sign system, and it’s a big reason why almost half the world’s credit card fraud happens in America, despite the country being home to about a quarter of all credit card transactions.
The recent large-scale theft of credit card data from retailers including Target and Neiman Marcus brought the issue more mainstream attention, leading to a Senate Judiciary Committee hearing this week. Executives told the senators that once the country transitions to the new system — which includes credit cards embedded with a microchip containing security data — these kind of hacking attacks will be much more difficult to pull off.
The shift is coming though: both MasterCard MA +0.06% and Visa V -0.88% have roadmaps for the changeover, and both have set October, 2015 as an important deadline in the switch. But why has it taken this long, and how will the changeover work for card users and businesses?
We spoke with MasterCard’s Carolyn Balfany, the company’s expert on all things related to the new payment system, known as EMV, that will lead to the end of the swipe-and-sign and the beginning of the chip-and-PIN. Here’s what she had to say.
Much of the rest of the world switched to chip and PIN cards years ago. Why has it taken the U.S. so much longer?
There’s a historical view to this. In the past, other markets migrated for two reasons. First, there were higher fraud rates in some other markets, and they wanted to make this move to combat fraud. Second, this system can operate in offline mode – the card and the terminal can authorize a transaction independent of communication with the bank’s systems. In some other markets they struggled with robust telephony networks, so this offline capacity was attractive.
Both those factors were not driving factors here in America. Fraud was more prominent in some other markets, but what has happened since then is that as other markets migrated to EMV and became more secure, fraudsters migrated their activity to markets with less security. We saw fraudsters move over to the US market – they are looking for the path of least resistance.
There were also some more specific challenges to US migration to the new system. Because the US is one of the largest and most complex markets, the business cases for the costs had to be established. And there were requirements of the Durbin amendment, mandating all us debit transactions are able to go across at least two networks, which took some time for the industry to sort out.
It seems now like there is agreement on the switch. So when will the changeover happen?
For Mastercard, now is the time, and we’ve been very consistent on that message for years. We introduced our roadmap for migration in 2012, and that roadmap says that for face-to-face transactions, where a consumer uses their card at a merchant’s location, the liability shift will happen in October, 2015.
The “liability shift” is a big moment in the changeover. Can you explain what it means?
Part of the October 2015 deadline in our roadmap is what’s known as the ‘liability shift.’ Whenever card fraud happens, we need to determine who is liable for the costs. When the liability shift happens, what will change is that if there is an incidence of card fraud, whichever party has the lesser technology will bear the liability.
So if a merchant is still using the old system, they can still run a transaction with a swipe and a signature. But they will be liable for any fraudulent transactions if the customer has a chip card. And the same goes the other way – if the merchant has a new terminal, but the bank hasn’t issued a chip and PIN card to the customer, the bank would be liable.
The key point of a liability shift is not actually to shift liability around the market. It’s to create co-ordination in the market, so you have issuers and merchants investing in the migration at the same time. This way, we’re not shifting fraud around within the system; we’re driving fraud out of the system.
How will the change over to the new system actually happen?
One important thing to know is that it’s not as if everybody just got to the starting line just now, there has been a lot of work on this that has already happened. For merchants, the terminals in many cases are readily available or already there, they already have the equipment ready to handle the new cards. Banks who issue cards in many cases already can issue cards with the chip, and they have been issuing them to customers who travel overseas.
U.S. consumers are already pretty aware of the chip and PIN system, because most of the rest of the world has already migrated. And we would expect in the wake of these latest breaches and the media coverage that awareness is now even higher. And as banks issue consumers their new cards, they will get information explaining the system and all the benefits, and obviously how to use it.
Aside from the security of the system, are there any other benefits for consumers?
One thing to remember is this migration really isn’t about a single device or technology, it’s about establishing a technological platform for the next generation of payments. So the EMV standard that we are moving toward isn’t limited to chip and PIN cards, it also includes things like contactless payments, where you can tap the card against the reader, all with the same level of security.
Card issuers will probably always issue a card, but in this system an account can be resident in multiple places – so you can have the card, but also maybe a tag affixed to your phone for mobile payments, or a fob on your key ring.
There are lots of different use cases and it depends on the venue, and the devices and what interaction method makes the most sense. In a transit location, contactless interfaces make a lot of sense. We’ll continue to see interactions broaden and evolve as this migration happens.
Corrections & Amplifications: The new EMV credit card system the U.S. is set to migrate to by October, 2015 will use microchip-enabled credit cards, but still allows customers to sign for their payments. Banks can choose to issue cards that require a PIN number instead of a signature, but the switch to PINs will not be required in October 2015 as reported in an earlier version of this article.
Corporate Intelligence is the WSJ’s business news blog, with a lively take on the day’s most important business stories. For all the headlines, follow @WSJCorpIntel.