EMV: Ready or NOT October is Here
The past year has brought a multitude of changes in payments, including PCI 3.0 requirements, EMV chip payment cards and the introduction of new mobile payment methods from CurrentC, Google and Samsung. The result is a fragmented capability across retail that's impacting consumers who want simple, flexible and convenient shopping with seamless payment methods.
Retailers cannot afford to lag behind in addressing these changes. The challenge is complicated by the competing priorities of meeting customer expectations, complying with regulatory requirements and adopting emerging payment alternatives. Instead of reacting to change, retailers must begin to address customer experience and the evolving payment spectrum in a holistic manner. Many retailers treat compliance as a necessary evil, rather than as an opportunity. This mind-set, coupled with the speed of change, results in a poor customer experience and technical execution.
There are five questions retailers should ask when implementing new capabilities in order to develop a cohesive payments strategy that reduces the risk of fraud and better integrates customer experience with operations:
- Is the experience engaging and compelling for the customer?
- Is the solution flexible and adaptable to changing requirements?
- Has the risk assessment addressed both customers and operations?
- Has change management been provided across both operation- and customer-facing roles?
- Is there a way to measure outcomes from readiness to execution?
Though many large retailers are on track to meet the basic EMV requirement in October, few have systematically addressed these questions. Small and midsized retailers are less likely to have done either.
This range of EMV readiness causes confusion for both retailers and consumers, making it one of the most serious challenges of the transition. Some locations will require a pin with card insertion; others will require a signature; and unattended locations may require no secondary authentication at all. Adding to the complexity, if any link in the payment value chain from issuing bank, acquirer, processor and retailer isn't EMV capable, the liability for losses will result in chargebacks for counterfeit payment card transactions.
Retailers risk losing products and/or services, incurring fees for payment processing, and absorbing chargeback penalties. The timing of chargebacks can also increase risk. Counterfeit transactions may not be immediately detected, triggering a chargeback days, months or even years after the transaction. By law, a cardholder has two years to file a dispute, obliging retailers to retain transaction history and documentation for two years.
Many retailers minimize the perceived risk by assuming that current fraudulent chargebacks are the extent of the risk. This perspective overlooks the risk of organized fraud from counterfeit cards. For SMB retailers, the financial impact could be significant if chargebacks occur, as funds are withheld for up to three months to cover the fraud.
Chargebacks can occur for numerous additional reasons, including customer disputes, processing errors, authorization issues and incomplete documentation. Given the time and effort required to dispute each chargeback, retailers should consider the impact of organized fraud and ensure that the necessary tools and technologies are ready to support the dispute process. Additional consideration should also be given to predictive analytics to identify fraudulent activity before it results in chargebacks.
The U.S. sees more global counterfeit magnetic stripe card fraud than the rest of the world combined. By developing a holistic payment strategy that considers risks, payment alternatives, operational impact and technology flexibility, retailers will be prepared to both manage their risk and offer the easy, positive experience that today’s consumers expect.
Chuck Winter is principal, North Highland, a global consulting firm.
Related story: EMV: The Risks and Rewards of Doing Nothing