EMV – No need to panic!

by Joe Woods, CULIANCE

with Holli Targan

The world is changing with blinding speed. News media have sensationalized everything from Ebola to data breaches and yes, even EMV.

There is always a fear of the unknown, and EMV is still a mystery for many of us. The hope is that wide adoption of EMV by both card issuers and merchants will slow the incidence of fraud and the accompanying costs to the industry. In the U.S. we have no single authority that can mandate EMV compliance, so the card brands are incentivizing issuers and merchants to adopt EMV primarily by shifting loss liability.

Effective October, 2015, the party to a transaction (i.e., issuer or merchant) that has made the investment in EMV compliance is protected from financial liability for card-present counterfeit fraud losses. Currently, in the traditional non-EMV environment, the card issuer (credit union) is responsible for such losses. But as of October, if the credit union has issued a card with an EMV chip, but the merchant’s terminal is not EMV-ready, the liability for any fraud losses on that transaction will shift from the credit union to the merchant. Whether the loss liability shift is a sufficient incentive to an individual credit union to mass-issue EMV cards early this year will depend on how much fraud loss that credit union is experiencing, and whether enough merchants are adopting EMV POS terminals and ATMs to make a difference.

In effect, the liability shift is really only a short-term, temporary window. Consider this: the credit union issuer currently assumes all liability for the transaction. Once we reach the liability shift date, those entities (CUs, merchants and processors) which are party to a transaction that are not EMV ready will assume the loss liability for that particular transaction. But once everyone, both card issuers and merchants, have fully adopted EMV, the old world order kicks in, and the liability shifts back onto the credit union as the card issuer.

So, during this liability shift timeframe, the fraud liability passes to the processor or merchant on a per transaction basis – but, only if the processor or merchant is not EMV ready. And the liability will shift only on a per transaction basis, so there is a financial consequence only if that particular transaction is fraudulent.

While the industry migration to EMV requires participation by all in order to realize the full, more secure benefits of the technology, there is a limited window of opportunity for fraud to shift away from the issuer. Each credit union should assess whether a mass-reissue is worth the cost of trying to push the liability off for a short period of time, or should a credit union simply continue to re-issue their expiring cards and begin re-issuing chip cards when its processor makes them available.

Holli Targan is an attorney and partner at Jaffe, Raitt, Heuer & Weiss, who concentrates her practice on payments issues. You may reach her at htargan@jaffelaw.com.

Joe Woods

Joe Woods

Joe Woods, CUDE is a 15-year credit union veteran.  He has spent time with Corporate One FCU, Liberty Enterprises, co-founded Legacy Member Services and was part of the senior management ... Web: www.dolphindebit.com Details

Featured