What is EMV?
The EMV Chip started as a collaborative global standard initiated by major financial institutions. Its primary objective was to establish compatibility between cards equipped with chips and the terminals employed by these institutions. Over time, the scope of EMV expanded, evolving into a versatile technology toolkit that enables secure and consistent worldwide payments, whether they occur face-to-face or over digital platforms.
Currently, the oversight of this standard’s management rests with EMVCo, a global entity dedicated to facilitating universal compatibility and endorsement of secure payment transactions. EMVCo plays a key role in overseeing the evolution and refinement of EMV Specifications, as well as the associated testing processes.
How secure are EMV Chips?
In terms of security, EMV chips employ encryption and tokenization techniques to safeguard sensitive card information. This proactive approach ensures that data confidentiality remains intact throughout transactions, offering an elevated level of protection for the storage and transmission of critical information.
In a gradual transition, EMV chips are gradually supplanting magstripes, those magnetic bands commonly found on the back of credit cards. Unlike magstripes, which rely on unchanging data and do not encode information as it passes through a point-of-sale terminal, EMV chips provide a shield for data once accessed by a terminal, enhancing the security of the entire process.
EMV Liability Shift
The EMV liability shift denotes a change that took effect on October 1, 2015. From that particular date onward, payment networks gained the authority to hold most retail establishments responsible for a deceitful transaction if the business keyed in or swiped a card containing an EMV chip rather than inserting or tapping it.
Locations engaged in the sale of fuel, such as convenience stores, were granted an extension. They were not compelled to adopt EMV technology to evade accountability until April 17, 2021.
Using EMV card readers is not mandated by law, allowing businesses to carry on without receiving cards that are dipped or tapped. However, pursuing this route exposes them to escalated accountability, potentially resulting in costly chargebacks and other complications if they inadvertently process a fraudulent charge.
It's noteworthy that businesses bear no liability for fraudulent online transactions, including purchases made through websites, via a virtual terminal, or in response to a digital invoice. Additionally, businesses are not held accountable for in-person transactions conducted with a non-EMV credit card (commonly referred to as a magstripe card)