I was walking to the register at my favorite Greek restaurant when another diner gestured for my attention. It was a friend, the owner of a neighborhood jewelry store. “I’m so glad you told me about the chip cards,” he said. Then he told me that shortly after he’d been set up with an EMV card reader, someone tried to use a counterfeit card to buy some expensive jewelry.
If my friend hadn’t had the chip reader at his store, he would have been out thousands of dollars.
The conversation about the EMV chip began two months earlier when I’d visited his store to shop for a birthday gift. When I asked him if he had the ability to use payment cards with chips, he said he’d never heard of them. I showed him the chips in several of my credit cards and explained that since it was after Oct. 1, he was now liable for any transaction that used a lost, stolen or counterfeit card, and that the bank would not be responsible for any portion of the cost. It would come out of his pocket.
For whatever reason, his merchant processor had never told him about the liability shift or the availability of new card terminals. Fortunately, when he called to ask, the credit card processor arrived promptly with a new machine, which he started using immediately. He was lucky.
Most merchants, however, aren’t so lucky. In fact, it appears that the vast majority of merchants in the United States don’t know that the EMV liability shift deadline passed on Oct. 1 and that they are now at risk for many fraudulent transactions. According to EMVCo, the organization that sets standards for the chips and keeps track of implementation, only about 1 percent of payment card transactions in the United States are protected by secure chips.
The reasons that chip card adoption is lagging are many. The first and perhaps the most immediate reason is that big merchants don’t want to make changes to their process of selling merchandise during their busiest time of the year. The thinking in general is that if anything goes wrong during the height of Christmas shopping, it could devastate their sales for the year.
To some extent, this is a valid concern. It’s pretty hard to persuade any company to make a major change to their IT systems during periods of high demand. Plus, the EMV transaction process is unfamiliar to most people in the U.S., and it’s slower. Both of those factors could jam up checkout lines in busy stores.
U.S. Seriously Lags in Chip Card Use, Putting Merchants at Risk
If this were the only problem, that would be one thing, but it’s worth noting that all Walmart stores have been accepting cards with chips for many months, and that merchant doesn’t seem to be having any difficulty selling vast quantities of stuff. My observations at Walmart checkout lines (done strictly for research, of course) found that customers know how to use the cards and manage to spend vast quantities of money on all that stuff, despite the fact that they have to use cards with chips.
My friend at the jewelry store isn’t the only merchant here in Northern Virginia that I’ve spoken with about cards with EMV chips. While large merchants (not just Walmart) at least know about the need for more secure transactions using EMV card readers, the same isn’t true about small businesses. Sadly, not only does it appear that most small businesses don’t know about the need for cards with chips, but, worse, they don’t know that they are subject to the liability shift. They could end up going out of business because of fraud and never know why.
It would be easy to blame the big banks for this problem, and while some of the blame certainly falls on them, the real culprit is the merchant processors. These are the third parties that handle credit and debit transactions and act as middlemen between the business owners and the banks.
For most small businesses, it is the merchant processor that provides the card readers, the software for point-of-sale machines and the training. These companies accept the transactions from the merchant and pass them along to the banks for payment. While not every business uses the services of these merchant processors, most do.
And they’re the ones that aren’t telling their customers about the need for more secure transactions. They’re not providing the machines in a timely manner. And they’re not providing the help or training that those merchants need.
The need is huge. Now that the rest of the world is well on its way to total acceptance of cards with chips, organized crime is focusing on merchants in the U.S. who are unprepared. The reason for this focus is clear. While, as noted earlier, only about 1 percent of payment card transactions in the U.S. are protected by secure chips, Western Europe is reporting that 97 percent of all transactions are being protected by chips, and even the economically challenged areas in Africa, Latin America and the Caribbean are reporting acceptance levels in the high 80s.
So why is it that the small businesses in the U.S. seem to be the last to know? Perhaps the merchant processors and the banks are happier to have the liability fall on those small businesses. At least as long as there are small businesses.