EMV Compliance: The Good, The Bad, & The Ugly

EMV Compliance: The Good, The Bad, & The Ugly
Amy Fontinelle
on February 7, 2018
Read in 5 min

As a savvy business owner that accepts credit and debit cards, you should already know the dangers of failing to upgrade to an EMV-compliant terminal–

Right?

Just in case you need to refresh your memory, this article will tell you everything you need to know about EMV compliance in 2018.

What Is EMV

EMV stands for Europay, MasterCard and Visa.

These three companies founded the organization that established the new standards for EMV chip technology in order to shift liability and reduce their fraud losses.

On the plus side, EMV technology enhances credit card security through improvements in the way chips store and communicate data, making chip cards harder to counterfeit than magnetic stripe cards.

Industry standardization of this technology means chip cards work worldwide at any payment terminal that can process them.

RELATED: An Epic Guide to Business Credit Cards, Charge Cards, & Lines of Credit

What does chip technology mean for small business?

For your small business, EMV compliance in 2018 simply means upgrading your terminal to a model that can process payment cards via EMV chips or magnetic strip.

Officially, EMV compliance rules went into effect October 2015, though gas stations have until October 2018 to comply.

But do you know what can happen if your business doesn’t comply with the credit card chip law?

Well the good news is it’s not a legal matter; you can’t get arrested for non-compliance or anything like that.

However, if you’re still processing credit cards with a magnetic strip, your business will be held automatically responsible for any fraudulent charges made by someone using a chip card.

This may not be a big deal for a small corner cafe, but for small businesses selling big-ticket items, you could be on the line for thousands of dollars.

Not to mention, fraud risk is even higher in certain lines of business where card-present fraud is higher, like jewelry, electronics, and designer goods.

Basically what this means is that if a customer comes in a charges $1000 on a EMV chip card, and you use the old magnetic card swiper to ring them up, that customer can dispute the charge and you as the EMV non-compliant merchant would have no legal recourse.

EMV compliance protects your business from liability.

It doesn’t matter if your customers aren’t using EMV-enabled cards; not everyone has one yet.

As long as you are EMV compliant, you won’t be liable for fraudulent swiped transactions whether they come from chip transactions or swipe transactions.

RELATED: Business Owners – 5 Truths Your Banker Doesn’t Want You Knowing

Card issuers will remain liable for POS fraud.

While switching systems can be a pain, you should look at it an opportunity to reevaluate point-of-sale providers to get better service and save money.

The worst-case scenario if you don’t comply is that a customer commits card-present fraud and charges more than your business can afford to lose.

For small businesses that process lots of small-dollar transactions, the costs of upgrading to an EMV compliant terminal may be prohibitive.

They’ll have to weigh the expense of upgrading against the possible POS fraud losses from not upgrading.

If you choose not to upgrade, you may want to budget for fraud losses and implement additional checkout controls such as checking customer ID and asking customers to use a PIN where possible.

Equipment financing or even a small working capital loan can help you upgrade your technology without compromising cashflow.

Here are some of the lenders we partner with:

Funding Options APR Do you qualify? Time in Business Annual Revenue
Funding Option
Get Started
APR
5-50%
Estimated Apr
Do you qualify?
500
MIN CREDIT SCORE
Time in Business
At least 6 months
Annual Revenue
At least $100K
Funding Option
Get Started
APR
1.10-1.48 FR
Estimated Apr
Do you qualify?
500+
MIN CREDIT SCORE
Time in Business
At least 6 months
Annual Revenue
No minimum
Funding Option
Get Started
APR
8%–38%
Estimated Apr
Do you qualify?
560+
MIN CREDIT SCORE
Time in Business
At least 3 years
Annual Revenue
At least $100K
Funding Option
Get Started
APR
5%-35%
Estimated Apr
Do you qualify?
560
MIN CREDIT SCORE
Time in Business
At least 1 year
Annual Revenue
At least $100K
Funding Option
Learn More
APR
1.5% - 10%
Monthly Fee Rate
Do you qualify?
N/A
MIN CREDIT SCORE
Time in Business
At least 1 year
Annual Revenue
At least $50,000

Best Credit Card Readers for Small Business

In order to be EMV compliant, your business needs:

  • to use a countertop credit card terminal
  • point of sale (POS) system
  • OR a mobile card reader that can read EMV chip debit cards and credit cards.

These devices have a slot at the top or bottom where a customer can insert their card so the device can read the card’s EMV chip.

Some require the customer to enter a PIN to complete the transaction, while others require the customer to sign.

You may need to update your business’s software, too.

Do EMV compliance laws apply to merchants using a mobile card reader?

If that’s you, protect yourself by getting a device that lets you accept both chip-enabled and magnetic stripe cards.

Here are three options:

A downside of the new EMV technology is that payment processing times are slower with chip cards than with magnetic stripe cards.

Some EMV cards coming out also contain NFC technology however, which is the fastest option available.

If you’re concerned about slower transaction times as a result of processing chip card transactions, consider upgrading to NFC technology and educating your customers on how to use it.

EMV technology still isn’t perfect

EMV technology does not prevent data breaches nor can it protect cardholders in the event of a data breach.

The technology makes card-present fraud more difficult, but not impossible.

Your business may still need to take other steps to prevent data breaches, such as hiring a third-party data security company.

Instead of learning a new skill outside your area of expertise, let an outside expert protect your customers’ data.

They can make sure you’re payment card industry (PCI) compliant, monitor your POS system for tampering, set up proper firewalls, configure antivirus software, detect and resolve any weaknesses in your system.

Even so, the simple theft of an employee’s laptop with valuable customer data can cost a business millions–

And you may not even realize how bad the damage is at first.

Consulting firm Deloitte found that 90% of the impacts of a data breach on a business are hidden and don’t fully surface until two or more years afterward.

These hidden losses include higher insurance premiums, disruptions in business operations, loss of reputation, and lost customers.

RELATED: 6 Bad Habits to Break for Gigantic Business Growth in 2018

The obvious and immediate costs of a data breach include first notifying customers, then:

  • protecting them– perhaps by providing a year of free identity theft monitoring from a third party
  • paying regulatory fines for not being PCI compliant
  • hiring a public relations firm to help you manage the crisis
  • paying attorney fees and litigation
  • strengthening cybersecurity
  • and investigating the breach.

Doing Your Part to Prevent Credit Card Fraud

Implementing point-to-point encryption and tokenization can reduce fraud during the payment authorization process.

Point-to-point encryption encodes payment card data from the time a card is swiped (or dipped) until it reaches the payment processor.

Tokenization uses a randomly generated set of numbers called a token instead of the actual card number so that if thieves intercept the number, it’s useless to them.

These technologies work with EMV to create even greater transaction security.

Further, following PCI data security standards (PCI DSS) will help to keep your network secure and limit physical access to customers’ credit card data.

You’ll also need to prepare for the likely increase in online fraud as card-present fraud becomes more difficult.

Learn from the experiences of retailers in other countries that adopted EMV technology earlier than the United States; they saw online fraud skyrocket.

With an awareness of this risk, you may be able to better protect your business against it (if you conduct online sales.)

Besides PCI compliance, the most basic protections include using an address verification system and requiring the cardholder’s CVV2 or CVC number.

EMV Compliance: The Good, The Bad, & The Ugly

The new chip cards don’t solve all fraud risks— far from it.

Most EMV cards still contain magnetic stripes; without them, they couldn’t be used at older payment terminals.

Further, chip-enabled cards can still be used to make fraudulent payments online or by phone.

Industry experts say it will probably be several years before the transition from magnetic stripe to EMV cards is complete.

The important thing for small business owners looking to protect themselves is to have an EMV-compliant system in place for in-person transactions so that fraud liability doesn’t fall on their business.

Don’t let the costs of upgrading your payment terminal get you in trouble – a working capital loan or an equipment loan from one of the lenders in our network could help you get up to speed!

Funding Options APR Do you qualify? Time in Business Annual Revenue
Funding Option
Get Started
APR
5-50%
Estimated Apr
Do you qualify?
500
MIN CREDIT SCORE
Time in Business
At least 6 months
Annual Revenue
At least $100K
Funding Option
Get Started
APR
1.10-1.48 FR
Estimated Apr
Do you qualify?
500+
MIN CREDIT SCORE
Time in Business
At least 6 months
Annual Revenue
No minimum
Funding Option
Get Started
APR
8%–38%
Estimated Apr
Do you qualify?
560+
MIN CREDIT SCORE
Time in Business
At least 3 years
Annual Revenue
At least $100K
Funding Option
Get Started
APR
5%-35%
Estimated Apr
Do you qualify?
560
MIN CREDIT SCORE
Time in Business
At least 1 year
Annual Revenue
At least $100K
Funding Option
Learn More
APR
1.5% - 10%
Monthly Fee Rate
Do you qualify?
N/A
MIN CREDIT SCORE
Time in Business
At least 1 year
Annual Revenue
At least $50,000

Amy Fontinelle Finance Journalist

Amy Fontinelle is a writer, editor, and personal finance expert.

Her articles have appeared at Investopedia, Bankrate, MassMutual.com, The Simple Dollar, Interest.com, Yahoo, Forbes.com, SFGate.com, Bankaholic, Mortgage-Calc.com, Saving Advice and other sites.

Amy’s clients include personal finance websites, financial institutions, public policy organizations, academic journals, and professional economists.

1 Comment
Russ
1 year ago
If I purchase a square chip reader when my Restaurant  only has magnetic, but do not use the square chip reader at all. Will I be considered emv compliant? Does having it but not using it make you eligible to be compliant.... 
Recommended for Business Loans
Lendio
Lending Express

Important Disclosures. Please Read Carefully.

Persons facing serious financial difficulties should consider other alternatives or should seek out professional financial advice. This website is not an offer to lend. Lendgenius.com is not a lender or lending partner and does not make loan or credit decisions. Lendgenius.com connects interested persons with a lender or lending partner from its network of approved lenders and lending partners. Lendgenius.com does not control and is not responsible for the actions or inactions of any lender or lending partner, is not an agent, representative or broker of any lender or lending partner, and does not endorse any lender or lending partner. Lendgenius.com receives compensation from its lenders and lending partners, often based on a ping-tree model similar to Google AdWords where the highest available bidder is connected to the consumer. Regardless, Lendgenius.com’s service is always free to you. This service is not available in all states. If you request to connect with a lender or lending partner in a particular state where such loans are prohibited, or in a location where Lendgenius.com does not have an available lender or lending partner, you will not be connected to a lender or lending partner. You are urged to read and understand the terms of any loan offered by any lender or lending partner, and to reject any particular loan offer that you cannot afford to repay or that includes terms that are not acceptable to you. By submitting your information via this website, you are authorizing Lendgenius.com and/or lenders and lending partners in its network or other intermediaries to do a credit check, which may include verifying your social security number, driver license number or other identification, and a review of your creditworthiness. Credit checks are usually performed by one of the major credit bureaus such as Experian, Equifax and Trans Union, but also may include alternative credit bureaus such as Teletrack, DP Bureau or others. You also authorize Lendgenius.com to share your information and credit history with its network of approved lenders and lending partners. For qualified consumers, our lenders offer loans with an Annual Percentage Rate (APR) of 35.99% and below. For qualified consumers, the maximum APR (including the interest rates plus fees and other costs) is 35.99%. All loans are subject to the lender’s approval based on its own unique underwriting criteria. Example: Loan Amount: $4,300.00, Annual Percentage Rate: 35.99%. Number of Monthly Payments: 30. Monthly Payment Amount: $219.36. Total Amount Payable: $6,581.78 Loans include a minimum repayment plan of 12 months and a maximum repayment plan of 30 months. In some cases, you may be given the option of obtaining a loan from a tribal lender. Tribal lenders are subject to tribal and certain federal laws while being immune from state law including usury caps. If you are connected to a tribal lender, please understand that the tribal lender’s rates and fees may be higher than state-licensed lenders. Additionally, tribal lenders may require you to agree to resolve any disputes in a tribal jurisdiction. You are urged to read and understand the terms of any loan offered by any lender, whether tribal or state-licensed, and to reject any particular loan offer that you cannot afford to repay or that includes terms that are not acceptable to you.

Lender’s or Lending Partner’s Disclosure of Terms.

The lenders and lending partners you are connected to will provide documents that contain all fees and rate information pertaining to the loan being offered, including any potential fees for late-payments and the rules under which you may be allowed (if permitted by applicable law) to refinance, renew or rollover your loan. Loan fees and interest rates are determined solely by the lender or lending partner based on the lender’s or lending partner’s internal policies, underwriting criteria and applicable law. Lendgenius.com has no knowledge of or control over the loan terms offered by a lender and lending partner. You are urged to read and understand the terms of any loan offered by any lenders and lending partners and to reject any particular loan offer that you cannot afford to repay or that includes terms that are not acceptable to you.

Late Payments Hurt Your Credit Score

Please be aware that missing a payment or making a late payment can negatively impact your credit score. To protect yourself and your credit history, make sure you only accept loan terms that you can afford to repay. If you cannot make a payment on time, you should contact your lenders and lending partners immediately and discuss how to handle late payments.