Shoe stores top US credit card EMV-ready leaderboard of fail
Almost three quarters of US merchants will miss deadline, risk wearing breach fraud costs.
Only 27 percent of US merchants and 40 percent of consumers in that country will be ready for the self-imposed EMV (Europay, MasterCard and Visa) chip-card payment deadline Thursday.
The cut-off is designed to curb rampant fraud in the country that makes hay of the use of magnetic stripes for credit card payments, far easier to replicate than the gold chips that symbolises EMV.
Missing the deadline means - at least on paper - that non-compliant merchants will need to stump up the cash for any fraud that results from security breaches of their systems.
Some US$266 million has been spent to date distributing EMV cards to US consumers who will still sign to confirm purchases. Ink will eventually be swapped for more secure PINs.
The cards cost between $2.17 and $2.90 each, twice that of mag stripe cousins.
US business consultancy Strawhecker Group in a September survey finds 27 percent of US merchants are ready to process EMV cards.
That data is from 62 payment providers who cover a quarter of US merchants.
Mike Strawhecker says the merchants who are aware that they are the most at risk are the first to make the shift to EMV.
“It makes sense that certain retail merchant types are more ready than others for the liability shift, as some are much more likely to potentially see fraudulent transactions,” Strawhecker says.
“While many retailers have not yet upgraded their terminals, big-box merchants such as Walmart and Target are ready for 1 October.”
Shoes shops and department stores are the best performers with 69 percent and 59 percent compliance rates respectively, the study claims. Stationery retailers and book shops are the worst with fewer than a quarter compliant.
Even second-hand shops are far more compliant with 44 percent complaint.
Jared Drieling, business intelligence manager at the consultancy, says many merchants will be "scrambling" after the first penalties hit breached businesses over the next 18 months.
"Come October 1st, unprepared merchants may be in for a rude awakening as they realise they are now liable for fraudulent transactions that occur at the point-of-sale."
Discover company Pulse says this month that a quarter of US debit cards or about 71 million cards will be EMV enabled by the end of the year.
Figures PDF from the Payments Clearing House in the UK and Australia show that while traditional card fraud has fallen in those countries where tougher chip and PIN EMV systems are in place, card-not-present fraud which targets online transactions has spiked.
In Australia the Payment Card Industry Data Security Standard deadline was continually pushed back due to wide non-compliance, even now. Security slack businesses were supposed to wear the cost of breaches, but have not. ®
Sponsored: Becoming a Pragmatic Security Leader