GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View flipbook of this issue

Care to Share?


Table of Contents

Lead Story

Untangling the legal side of acquiring

News

Industry Update

NACHA seeks input on QR codes

It's anonymous mobile payments for Amazon

Accord reached on EMV liability shift

Breach exposes 2.4 million cards

Selling Prepaid

Prepaid in brief

The promise of prepaid MDC

New approach urged for cross-border enforcement

Views

The new PCI SSC guidelines: Separating the cloud from the fog

Kurt Hagerman
FireHost Inc.

Get ready for the mobile revolution

Michael Gavin
Merchant Warehouse

Education

Street SmartsSM:
Think like an aggregator

Dale S. Laszig
Castles Technology Co. Ltd.

Impact of EMV and NFC on acquiring

Jim Bibles
Aperia Solutions

Training customized for you

Bill Pirtle
C3ET Credit Card Consortia for Education & Training Inc.

Company Profile

PaySimple

Features

Meet The Expert: Ross Federgreen

New Products

Versatile storefront, mobile merchant app

AprivaPay Plus
Apriva LLC

Inspiration

Conform, with style

Departments

Readers Speak

Resource Guide

Datebook

A Bigger Thing

The Green Sheet Online Edition

May 13, 2013  •  Issue 13:05:01

previous next

Impact of EMV and NFC on acquiring

By Jim Bibles

There has been a lot of talk lately about how Europay/MasterCard/Visa (EMV) and near field communication (NFC) chip cards are going to impact the industry. Most of this has been directed at consumers and merchants; the impact it will have on the acquiring community has not been discussed.

Let me assure you, this impact is going to be significant from both an operational and a risk management perspective. Those who have been around enough years to have experienced the conversions to Derived Unique Key Per Transaction- and "truncation"-capable terminals know what you're in for when it comes to upgrading terminals for your entire portfolio and the resistance that will come from your merchants: I just upgraded my terminal five years ago. Why do I have to do this again? You're just trying to rip me off. If you joined the acquiring industry after these conversions occurred, welcome to the party.

From a risk management perspective, there will be some gains, but new risks are associated with the migration. The biggest risks will be related to fraud migration to the card-not-present (CNP) and e-commerce channel, and the shift of fraud liability to the party that has the least secure technology at the POS.

This initiative is not all doom and gloom from an acquiring standpoint. Some relief is built into the card company mandates. It will also facilitate the ability for acquiring entities to integrate closer with their merchants by offering value-added services, such as couponing, loyalty and data mining services. In the end, these will increase both customer retention and revenue.

Defining EMV, NFC and duality

The EMV standard was developed to ensure global interoperability for chip-based payment transactions. The key element of EMV involves the inclusion of dynamic digital data in every transaction. This makes these types of transactions extremely secure and reduces the risk of fraud.

NFC is a short-range, high-frequency wireless communication technology commonly used in contactless cards and mobile phones, as well as for passive radio frequency identification (RFID). Mobile payment applications include retailing, public transportation ticketing and interactive advertising.

Duality, in this context, is the ability to accept either EMV or NFC transactions through the same POS device. All card brand mandates require that merchants be able to accept both EMV and NFC in order to be exempt from fraud liability, to reduce Payment Card Industry (PCI) Data Security Standard (DSS) validation requirements, and to participate in MasterCard Worldwide's Account Data Compromise (ADC) relief program.

How EMV and NFC transactions work

The transaction flow with EMV and NFC payments is much the same as the traditional transaction flow, except for the addition of dynamic authentication and the chip technology that allows the issuer to transmit a unique card verification value with each transaction. This makes it virtually impossible to counterfeit the card if the transaction data is stolen.

While this technology is only available in the card-present environment at this time, it should be noted the card companies are working with computer manufacturers to expand dynamic authentication into the e-commerce space in the near future.

Implications for the acquiring community

The acquiring community needs to consider several issues when facilitating the transition to EMV- and NFC-capable payment acceptance technology. These include the following:


EMV/NFC implementation timeline

Following are important past and future milestones in the U.S. transition to EMV/NFC payment acceptance technology:

Oct. 1, 2012

American Express Co., Discover Financial Services, MasterCard Worldwide and Visa Inc. eliminate the requirement for eligible merchants to annually validate their compliance with the PCI DSS for any year in which at least 75 percent of the merchant's transactions originate from chip-enabled terminals.

April 1, 2013

Visa and MasterCard require that all acquirers and sub-processors make the necessary changes to their systems to ensure they are able to fully process EMV transactions.

Oct. 1, 2013

MasterCard sets ADC relief for merchants who process more than 75 percent of their transactions from an EMV/NFC-capable terminal - 50 percent reduction in card reissuance and fraud reimbursement to issuers.

Oct. 1, 2015

AmEx, Discover, MasterCard and Visa intend to institute a U.S. liability shift for domestic and cross-border counterfeit card-present POS transactions. This liability shift will mean that the entity with the lowest form of technology in the transaction will be liable if the transaction turns out to be fraudulent. For instance, if a fraudulent transaction occurs and the card involved in the transaction was either issued as an EMV- or NFC-capable card and the merchant is not EMV/NFC-capable, then the merchant will pay for the fraud.

Oct. 1, 2015

MasterCard increases ADC relief for merchants that process more than 75 percent of their transactions from an EMV/NFC capable terminal - 100 percent reduction in card reissuance and fraud reimbursement to issuers.

Oct. 1, 2017

AmEx, Discover, MasterCard and Visa expand liability shift to be effective for transactions generated from automated fuel dispensers.


Jim Bibles, Vice President, Business Development at Aperia Solutions, is highly regarded as a payments risk expert. He has excelled at developing and implementing risk-based compliance tools and programs for acquirers and ISOs of all sizes and is widely considered to be an expert in the field Payment Card Industry Data Security Standard compliance. Contact him at jbibles@aperiasolutions.com.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

USAePay | Impact Paysystems | Electronic Merchant Systems | Inovio