EMV: Everything You Need to Know
EMV technology is an integral part of global efforts to improve payment security. In this article, we’ll look at common questions surrounding EMV and how it helps to increase payment security.
Data breaches continue to pose risks to customers - according to a February 2019 report by the Federal Trade Commission, there were over 1.4 million reports of fraud in the United States in 2018. As data theft remains a significant danger to consumers and merchants, the use of EMV technology helps to protect credit card information.
What is EMV?
EMV stands for Europay, Mastercard and Visa. The acronym refers to a payment method based upon a technical standard pioneered by these three organizations. By adhering to the EMV standard, payment security is improved and the potential for fraud is reduced.
Introduced to the United States in 2015, EMV is now the global security standard for chip-based debit and credit card transactions.
What is an EMV card?
An EMV card is a credit or debit card containing an embedded microchip. This differs from the traditional credit card which featured a magnetic stripe - a security loophole which could be easily exploited by criminals. EMV cards are far more secure, and can be used in dipping, swiping or contactless payment situations.
An EMV card is also referred to as the following terms:
- Chip and PIN card
- Chip-enabled smart card
- Smart-chip card
- EMV smart card
How do EMV cards work?
For consumers using an EMV card, the process is straightforward - when making a purchase, they simply dip or insert their card into a chip-enabled terminal and wait for the transaction to be authenticated.
This contrasts with the older method of swiping a magnetic stripe through a payment terminal, which opened the card user to potential security risks.
Why is EMV more secure?
When a transaction takes place using an EMV card, a transaction number is generated which is unique and cannot be replicated. Even if a hacker tried to steal information from a payment system, duplicating the information from an EMV card would be of no benefit - because customer data is encrypted and the transaction number isn’t reusable.
The microchip is therefore the key element in reducing counterfeit fraud, as the card information is unable to be used for copies.
The magnetic stripe on older credit cards was a huge security vulnerability. Sensitive information is at an ever-increasing risk from data breaches, and EMV technology significantly lessens the opportunities for hackers to obtain credit card information. This reduces the risk to consumers and the reputational and financial cost to organizations.
How effective is chip technology in preventing fraud?
According to Visa’s December 2018 chip card update, the shift to EMV has been extremely effective in reducing credit card fraud in the United States. The statistics show:
- For merchants who have completed the chip upgrade, counterfeit fraud dollars dropped by 80% between September 2015 and September 2018.
- Chip cards are now accepted in over three million merchant locations.
- 68% of U.S. storefronts now accept chip cards.
- In December 2018, 98% of overall payment volume in December 2018 was on EMV cards.
What is EMV compliance?
In order to get U.S. businesses on board with using EMV technology to protect customer data, the Payment Card Industry Security Standards Council (PCI SSC) declared that merchants who did not adopt the secure payment acceptance method if accepting card-present transactions by October 1, 2015, would face increased potential liabilities. This was known as the liability shift.
Under this EMV compliance regulation, any merchant who had not adopted EMV acceptance assumed the liability of fraudulent activity and the associated costs. Before this shift, it was the banks that would previously assume the liability. This has encouraged merchants to adopt terminals that have secure chip-reading capabilities.
What else can a business do to increase payment security?
EMV is one of the most recent global initiatives to fight fraud and protect sensitive data processed during card-present transactions. The advancement in technology not only protects the merchant, but also issuers and customers - so all parties involved benefit.
The technology of EMV, combined with other security solutions like point-to-point encryption (P2PE) and tokenization (replacing sensitive customer data with an untraceable, algorithmic number) provides for a powerful combination of protection.