Archive

Go to:

December 2017
SMTWTFS
12
3456789
10111213141516
17181920212223
24252627282930
31
< Nov Jan >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

InfoSight Highlight: EMV Implementation (Credit Card Security)
Friday, March 24, 2017 7:00 AM

EMV stands for Europay, MasterCard, and Visa, the developers of global standards for integrated circuit cards (IC cards or “chip cards”). Credit cards that use EMV technology have an embedded microprocessor chip instead of a magnetic stripe. While magnetic stripes store credit card numbers and expiration dates that can be used to make counterfeit cards, EMV-enabled cards encrypt transaction data differently each time the card is used.

Major credit card companies are pushing merchants and financial institutions to switch to EMV-enabled cards by making them liable for any fraudulent charges if they haven't converted. Visa and MasterCard shifted liability for point-of-sale (POS) devices on Oct. 1, 2015, to merchants that do not provide EMV-compatible terminals. MasterCard also shifted liability for ATM transactions as of Oct. 1, 2016. Visa's ATM shift will occur on Oct. 1, 2017.

Currently, POS counterfeit fraud liability is held by card issuers. With the liability shift, if a contact chip card is presented to a merchant that has not adopted contact chip terminals, liability for counterfeit fraud will shift to the merchant's acquirer, according to Visa’s website. Visa required U.S. acquirers to support merchant acceptance of chip transactions by April 1, 2013.

Unfortunately, EMV does not protect consumers from "card-not-present transactions"—those made via the Internet or phone in which the cardholder is not physically present—because no chip transaction is involved. Additionally, when a merchant terminal and/or POS system is hacked, an EMV chip still may have provided enough information to be used by criminals online. In countries using EMV technology, fraud is down at stores, but online fraud has increased.

Chip technology comes in two types: contact and contactless. Contact chips include an integrated circuit, or chip, that communicates information to a point of transaction terminal. Contactless chips employ a radio frequency or infrared technology that allows the terminal to communicate or transact without physically touching the card.

Source:  InfoSight Compliance.

Need more info on a regular basis? Check out InfoSight, your first stop when searching for compliance answers. InfoSight operates as an online compliance manual at your fingertips, containing federal and state-specific content that is accurate, concise, and detailed on a wide range of topics and issues. Subscribers are able to access easy-to-read compliance summaries, checklists for compliance, direct links to laws and regulations, frequently asked questions, and links to additional important resources, including CUNA's online compliance resource "E-Guide." As part of InfoSight, the League sends out a weekly eNewsletter highlighting regulatory changes, hot topics in compliance, and comment calls.

Subscribe here.