Small Businesses Unprepared for EMV Compliance

EMV is a technical standard for smart payment cards and for payment terminals and automated teller machines that can accept them.

cayan and emv

With the EMV liability shift deadline less than three months away, 52 percent of small businesses will not be EMV-ready, and 37 percent of small businesses have no plans to accept EMV cards after the deadline, according to a survey of 344 small business owners or managers, which was conducted by Cayan.

EMV is a technical standard for smart payment cards and for payment terminals and automated teller machines that can accept them.

The study surveyed small business that accept credit or debit cards and employ fewer than 50 people. It sought to determine what it would take for small businesses with no EMV plans to become EMV-capable after October 1, the deadline after which merchants will be liable for the cost of counterfeit card fraud if they're unable to accept EMV cards.

"The most surprising finding that our study revealed is that many small business owners are taking more of a reactionary approach to upgrading to EMV, even though more than half say they couldn’t bounce back if they were required to cover $500 in fraudulent charges out of pocket," Ben Saren, senior vice president of marketing at Cayan, told eWEEK. "This tells us that SMBs can’t afford not to upgrade to EMV. It’s clear that there are opportunities for companies within the payments industry to educate and prepare small businesses ahead of the October deadline."

The survey revealed that many small businesses aren't yet convinced of the benefits of becoming EMV-ready before the deadline. Yet most respondents admitted that experiencing the negative effects of non-compliances after the deadline would convince them to make the upgrade.

Significantly fewer small businesses would make the transition after hearing about other small businesses experiencing the negative effects of not being ready.

Of the small businesses with no plans to accept EMV cards, 63 percent said that covering fraud would drive them to become EMV-capable, with 47 percent becoming EMV-capable after covering as little as $100 or less in fraud.

In addition, 57 percent would become EMV-capable if consumers complain about not being able to dip their EMV chip card, with 40 percent upgrading to an EMV-capable payment system after receiving five or fewer complaints a week.

Only 16 percent of small businesses would become EMV-capable after hearing about another business being liable for fraudulent charges.

The study also revealed the danger of small businesses waiting for a fraud incident before becoming EMV-capable.

"Small businesses face a host of challenges on a daily basis, because it’s in their nature to wear so many hats. When it comes to security around payments, while deeply important, it may not be the loudest need on their list or the easiest to understand," Saren said. "That’s why I recommend SMBs look for payment solutions that worry about security for them -- from EMV to tokenization and PCI-compliance guidelines, they should really look to payment partners and solutions that can keep them up-to-date on the latest security measures, without having to constantly install new hardware."