A new payment standard with important implications for businesses in the United States that do “card-present” credit and debit card transactions is also opening up opportunities for channel pros looking for new lines of service to provide their SMB clients.
In effect as of October 1, 2015, the payment standard is known as “EMV,” an acronym that stands for its creators, EuroPay, MasterCard, and Visa. Widely implemented outside the U.S. for the past 20-odd years, EMV makes credit and debit cards less vulnerable to fraudulent use than the familiar magnetic strip-based cards.
EMV cards have embedded microprocessor chips that contain encrypted information necessary for authentication, cardholder verification, and transaction authorization. At point-of-sale, card-present transactions, the info is read by chip-compatible card-reading devices.
Adoption of EMV is not mandatory. Indeed, the new cards can also (at least for now) be read by the traditional swipe devices. But as of October 1, a “liability shift” comes into play. Card issuers have historically been on the hook for fraudulent charges in card-present transactions. But beginning on that date, businesses that continue using swipe readers get stuck with the bill for fraudulent charges in transactions where an EMV card is used.
Coupled with card issuers busily issuing EMV cards to all of their U.S. customers, this liability shift gives businesses plenty of incentive to upgrade their reading devices and other elements of their card-processing systems to the new standard.
Additional Services Opportunities
This changeover is creating opportunities for channel pros, particularly VARs, to be of service to their customers—especially SMBs with limited internal IT expertise—by educating them about EMV and implementing new card-processing systems.
“Overall, our SMBs appear to be at least generally aware of the EMV initiative, particularly those in regulated industries such as healthcare and financial services,” says Greg Richey, director of professional services at Ingram Micro Inc., an IT distributor in Santa Ana, Calif.
At the same time, though, many SMBs don’t understand what’s needed to implement EMV, according to Jeff Yelton, Ingram Micro’s vice president and general manager for Advanced Solutions. “They think EMV is just a hardware change, but there’s much more to it than that,” says Yelton. “They don’t understand that full implementation is a process that can take five or six months.”
In the implementation arena, VARs need to ensure their clients are getting the right solutions for their EMV-related needs, according to Avivah Litan, vice president and distinguished analyst at analyst firm Gartner Inc.
In addition to making sure equipment complies with the Payment Card Industry Data Security Standard (PCI DSS), they also need to focus on providing clients with the right fraud-detection software, says Litan. She adds that in addition to fraud-detection solutions related to EMV cards, “There are also opportunities to be had in the card-not-present channel for clients with an online presence and/or call centers.”