skip to navigation
skip to content

Financial Outsourcing Solutions

Compliance-Inside-Header.jpg

FOS Blog

16 Feb
2016

EMV and the Bank

EMV AND THE BANK

What’s EMV? It’s the acronym for “Europay, MasterCard, and VISA”. It’s the card chip technology and information security that went into effect on October 1, 2015 as a requirement of card vendors and not as a result of Regulation E (Electronic Funds Transfer). The major credit card vendors in the U.S. (VISA, MasterCard, American Express, and Discover) are in process of making a “liability shift” from the card issuer (Banks in our case) to the merchant. If the business doesn’t install the card reader technology, then the business rather than the card issuer becomes responsible for losses.

What’s the difference? EMV is a migration from magnetic-stripe cards to smart chip cards. The primary difference is that a mag-stripe card stores static cardholder information and is a one-way communication conveying information contained in the stripe seeking approval for the transaction. The mag stripe contains the full credit card number, the confirmation code, and other card holder information. “Eavesdroppers” can collect information during transmission which is contributing to identity theft losses. The EMV chip “converses” by sharing information from the card chip plus terminal information. There is a data flow from the card chip to the issuing financial institution to verify card legitimacy and to create a one-time communication string to process the payment request. Data communication is encrypted making the communication more secure. In Europe EMV enabled cards have been found to reduce identity theft and general credit card fraud. The U.S. is one of the last countries to adopt this technology.

What does this mean for a bank’s electronic banking services?

  • Are you familiar with your card issuer’s stance on EMV enabled cards? What are the liability parameters for your bank?
  • As a card issuer, are you issuing EMV compliant cards? If you’ve issued EMV cards, the liability for fraudulent transaction losses shifts from the card issuer to the merchant that is not EMV enabled.
  • If you provide merchant services, are you making EMV enabled terminals available to your merchants? If not, the liability will be yours because you chose not to support EMV.
  • Are you preparing for EMV enabled ATMs?
  • Have your staff who are responsible for processing EFT disputes been trained on the shift in liability?
  • Are you monitoring trends in card losses? They should eventually be declining.
  • Are you factoring these trends into electronic banking and BSA risk assessments (you should begin to see a decline in losses due fraud and identity theft).
  • Have you computed the cost-benefit of this technology shift?

EMV has everything to do with your electronic banking services and related profitability. Early adopters will benefit by preventing losses, a cost savings to the Bank!

For additional information contact the author Evelyn I. Dehmey at edehmey@fosaudit.com.

Related posts:

  1. Interagency Prepaid Card Guidance
  2. What’s Trending in Skimming?
  3. Considering Prepaid Cards?
  4. ECCHO, ECK, ECI – What the “E” is happening with electronic check processing?

|