April 7, 2015
3 Things Every Merchant Should Know About EMV
Shift4’s SVP of Applications Development, Steve Sommers, was recently invited to San Antonio to speak at the Hotel Technology Next Generation (HTNG) North American Conference. The session he was asked to join, entitled “Securing Payment Data: Tales From the Front,” featured Sommers alongside Rob Martin, the VP of Security Solutions for device manufacturer Ingenico, and Merchant Link’s Director of Product, Christian McMahon.
Here are the top three takeaways from their session:
1. EMV will not prevent breaches.
All three payments experts responded with a unified “no” when asked if EMV would solve our nation’s payment data breach problems.
“That’s not what EMV was designed for,” said Shift4’s Sommers. “It was designed to authenticate the card and to reduce card-present fraud. And that’s exactly what it does; pretty much all the security claims beyond that are exaggerated marketing efforts.”
2. Layering real security solutions along with EMV is a merchant’s best bet.
Ingenico’s Rob Martin described the key distinction between the technologies: “EMV protects you from the fraud that’s already taken place. P2PE and tokenization protect you from becoming the source of new fraud.”
3. The urgency of EMV adoption likely depends on the industry you serve.
Many merchants are fearful that as of October 1, 2015 – the EMV fraud liability shift date – they will suddenly see a windfall of fraudulent charges and a massive financial liability. In reality, this is true only for merchants who already have a high rate of card-present fraud in their environment and who currently see a high volume of chargebacks.
For retailers, with their historically higher fraud rates, EMV should be top of mind. But, since they’ll need new terminals to read the cards anyhow, they should confirm that their new solutions support tokenization and P2PE as well as EMV.
For hoteliers, the fraud rates are much lower, so the October date seems much less daunting. Merchant Link’s McMahon shared a story from one of his largest hospitality clients. Worried about the liability shift, they had their accounting team research their current fraud rate to see how much the liability shift would affect them. “Their accountant came back with a number that surprised all of us,” McMahon said. “It was 0.03 percent.” This company was about to rush the purchase of hundreds of thousands of dollars in equipment to avoid a fraud liability that measured in the hundredths of a percent.
EMV is not without merit, but for hoteliers, it should come as part of a much larger shift toward securing card payments.
“Hoteliers need to be implementing tokenization and encryption and then saying, ‘oh yeah, let’s add EMV while we’re at it,’” Martin concluded.
Why Shift4 Provides EMV – and More
At Shift4, we support EMV and NFC payments but also provide the layered security of our True P2PE™ and TrueTokenization® solutions so that our merchant customers can ensure their environment leaves no payment data for hackers to steal. After all, They Can’t Steal What You Don’t Have®.
For more information about how you can get ready for EMV, visit our EMV page or contact our world-class, Las Vegas-based Customer Support team at 702.597.2480 (option 2) or [email protected] 24/7/365.