Whether you're a merchant or a customer, you should take the time to read about EMV and how it might affect you. This article will summarize the information both merchants and cardholders should know about the new credit card payment standards known as EMV.
What is EMV?
EMV is a new U.S. credit card payment standard meant to make credit transactions more secure. The developers of this standard were Europay, MasterCard, and Visa; hence the abbreviation "EMV". EMV refers to smart or chip cards that contain an embedded chip or microprocessor. The chips provide stronger security features and other capabilities that are not possible with traditional magnetic stripe cards.
What other countries use EMV?
EMV has been used in Europe since 1992. Eighty countries globally are in various stages of EMV chip migration, including Canada and countries in Europe, Latin America and Asia.
The United States is transitioning to EMV because counterfeit fraud will be significantly reduced, particularly in card-present transactions. October 1, 2015 marks the first key milestone in the migration to EMV.
How is credit card security enhanced?
EMV provides merchants with increased fraud protection from counterfeit, lost or stolen cards, because the embedded chip is harder to counterfeit than the traditional magnetic stripe technology.
Another way security is enhanced is by encrypting data for every sale. The chip generates a unique one-time code that cannot be replicated by counterfeiters. Instead of sending all of the cardholder's credit card information to a merchant when something is purchased, chips send a unique code that a hacker can't use if they find it. If a hacker tries to use that code to make a fraudulent purchase, it won't work. It's like stealing an expired password.
EMV also provides interoperability with the global payments infrastructure so consumers can feel secure using their card on any EMV-compatible payment terminal. Additionally online payment transactions are more secure because the technology supports enhanced cardholder verification methods that traditional magnetic stripe cards do not.
Are there different types of EMV chip cards?
There are two types of EMV cards:
- There are cards that make you sign for a purchase. These cards are also called "chip-and-signature" cards. Chip & Signature requires a customer's signature to complete the transaction.
- There are other cards that make you enter a PIN. These cards are also called "chip-and-PIN" cards. Chip & PIN requires a PIN to complete the transaction and any data stolen from the merchant is useless because the transaction data expires after it leaves the Chip & PIN reader.
The vast majority of chip cards distributed in the U.S. are chip-and-signature cards. They aren't as safe as chip-and-PIN cards simply because it's easier to forge someone's signature than to know the PIN. The decision to require a signature rather than a PIN was made by banks that thought it would create less confusion for consumers and ultimately make the transition to EMV easier.
Chip cards also have the same magnetic stripes as non-chip cards and may be used in the traditional methods of swipe or key entry, but these transactions will not have the additional security protections provided through EMV card readers.
How do chip card readers affect the way a customer pays?
Instead of swiping the card, EMV cards are designed to be inserted into the reader and remain in place throughout the entire transaction. This is known as card dipping.
The process starts with the consumer being issued a card with an embedded smart-chip. At the time of a transaction, the card is inserted into an EMV-enabled payment terminal, which uses chip technology to verify the validity of the payment card presented before the transaction is completed.
Other than the insertion of the chip card, the sale takes place as normal. No special action is needed from the merchant. The payment card is not even given to the merchant in a chip card transaction. The card remains with the customer which provides an additional layer of security.
Why is Intuit Merchant Services switching to EMV technology?
Historically, if a merchant ran a transaction on a fraudulent card, the bank assumed the loss. The way fraud liability is handled will be changing on Oct 1, 2015. If your customers use a chip-enabled card and you do not have an EMV reader, you may be liable for certain costs from counterfeit or stolen cards during card present transactions. You are liable for any losses due to fraud if the customer uses a chip card and your reader is only a mag stripe reader.
All credit card companies are expected to make the transition to chip-enabled cards by October 1st, 2015. This means customers' cards will soon have an embedded chip. Switching to an embedded reader may help reduce your liability for costs associated with certain kinds of credit card fraud.
Accepting Chip-Enabled Cards
One important reason to adopt EMV chip technology now is that customers may only want to purchase from more secure merchants with EMV-enabled terminals. You never want to lose a sale, so why not get the most secure technology?
Secondly, merchants without EMV-enabled terminals will be responsible for point-of-sale fraud losses that could have been prevented with chip technology accepting systems. So investing in better equipment now will save you losses in the long run.
Is QuickBooks EMV Compliant?
Intuit is in the process of updating their software and hardware products. They are developing chip-reading devices for both mobile phones and desktop use. They will make mobile EMV card readers available which will plug into your Apple and Android devices as well as EMV card readers for QuickBooks desktop applications.
Unfortunately, most of these devices aren't ready yet because Intuit has to get their hardware and software solutions certified with each of the major credit card brands. This process is lengthy and may not be complete until early next year.
In the meantime, if you are using Intuit payment systems to process your credit cards, and using one of their supported software products, they will cover your liability through March 31, 2016. Specifically, if fraud occurs on the use of a chip card using a magnetic stripe reader, and you are using Intuit as your payment processor, Intuit will take care of the liability issue for you.
This only applies until Intuit has updated their software and released the new hardware. It only applies if you are using one of the EMV-compliant QuickBooks products and are using an Intuit payment solution. And, it only applies if you unknowingly accept a fraudulent credit card.
What are the EMV-compliant QuickBooks products?
The extended liability coverage from Intuit is only available if you use one of these products AND you are using an Intuit payment processing account. Even if one of the following products allows the use of other payment processors you are not covered by Intuit unless you have an Intuit payment account.
- QuickBooks Pro, Premier and Accountant 2016 using the updated USB reader. None of the older versions will be supported.
- QuickBooks Enterprise V16 using their updated USB reader.
- QuickBooks Online using the plugin USB reader.
- QuickBooks Point of Sale V12 using the plugin USB reader. None of the older versions will be supported.
- QuickBooks Point of Sale powered by Revel Systems using the hardware that will be provided by Revel. This is only if you use Intuit for payment processing.
- QuickBooks GoPayment using the updated plugin reader.
- QuickBooks Mobile using the updated plugin reader.