Thursday, March 13, 2014
"The recent high-profile breaches have served as a catalyst for much needed collaboration between the retail and financial services industry on the issue of payment security," said Visa President Ryan McInerney, noting that no industry or technology can resolve the issue of payment fraud single-handedly.
Chris McWilton, President of North American Markets for MasterCard, concurred, stating that only through industry collaboration and cooperation will the real and immediate issue of security be addressed – and consumer confidence and trust be maintained.
While the names of other participants in the group have not been disclosed, Visa and MasterCard are urging banks, credit unions, acquirers, retailers, POS device manufacturers and industry trade organizations to join in the endeavor.
Initially, the group plans to focus on advancing the Europay/MasterCard/Visa (EMV) chip-card standard in preparation for the October 2015 deadline when fraud liability in the United States will shift to merchants who fail to adopt the new standard. While the U.S. payments infrastructure is more complex than most other countries where EMV has been adopted, evidence correlates EMV implementation to reduced card-present fraud activity in those nations.
"Every country's financial industry landscape is different, and the EMV roadmap that the United States will follow will vary from others," said Dmitry Tarusov, Senior EMV Engineer at EFT Source Inc. "Because of this, it is impossible to determine if the joint initiative is timely or behind the curve. It is simply the natural progression for the EMV migration in this country. The same applies to other groups that are pursuing similar goals."
The Merchant Risk Council is one such group that is working with the card brands to address security issues. "We very much support their decision to promote and require chip and pin cards in the U.S.," said Karisse Hendrick, MRC Program Manager, Americas. "We have included EMV conversion as a topic of education for our members for the last year, in partnership with the card brands, and plan to continue to do so throughout the implementation process."
Another group, the Smart Card Alliance, has already made inroads with key stakeholders. "The Smart Card Alliance and the EMV Migration Forum are not part of this new initiative," said SCA Executive Director Randy Vanderhoof, who also serves as Director of the EMV Migration Forum. "The EMV Migration Forum, since its inception in 2012, has the full support of and meets regularly with all payments stakeholders, including all of the payment brands, to work collaboratively on the U.S. move to chip payments."
Lack of resources for EMV migration projects that meet the liability shift deadline could thwart progress. "In my opinion, the major challenge for financial institutions is the combination of a lack of EMV education and understanding, and limited human resources," Tarusov noted. "Though some portions of an EMV migration can be outsourced, it is very risky to not have an in-house EMV expert to manage day-to-day routines. In addition, these experts need to be available to advise on whether certain investments are worthwhile or unnecessary."
Monitoring EMV's impacts on fraud vulnerabilities elsewhere is one of those steps. "Because we are primarily focused on card-not-present transactions, we have worked with the card brands to deliver statistics and metrics from other geographic locations that have previously implemented EMV across all card brands," Hendrick said. "This advises our members to prepare for an increase in card-not-present fraud as card present fraud is greatly reduced with this change."
Hendrick believes that while the card brands are taking great measures to do their part in securing payments, groups like the MRC will continue to play a critical role. "While we focus primarily on merchant fraud, we also work closely with third-party solution providers, acquirers and issuers to know what risks are current and how to mitigate them, as well as to meet with each other, share perspectives and work together for safe and more profitable commerce," she said.
In the same vein, the new group is encouraging participation by all parties through open dialog. "These conversations will serve as a useful forum to share ideas, break down barriers and spur the adoption of next-generation security solutions for the benefit of all," McInerney said, adding that beyond EMV, the group will also address security solutions for online and mobile channels. 
Editor's Note:
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
