Following a string of high-profile data breaches last year, Visa and MasterCard handed down a requirement that all merchants transition to the more secure chip-enabled credit card payment system by October of this year. While several major retailers have already made or are in the process of making the switch, a new report finds that many small business owners don’t even know about the deadline – or the potentially costly consequence of not meeting it.
A new survey of 600 small business owners compiled by Wells Fargo found that more than half of those who accept point-of-sale card payments are unaware of the requirement to change to EMV chip card technology.
EMV chip-enabled credit and debit cards, which are being sent to customers by their financial institutions, are designed to protect against fraudulent transactions by encoding cardholder information within an encrypted microchip and data that changes with each transaction.
Nearly 51% of the small business owners that took part in Wells Fargo’s survey say they were unaware that after October 1, they would be liable to cover the costs of any fraudulent transactions.
That means if a merchant is using the old swipe-and-sign system they are liable for the fraudulent charges if the customer has a chip card. Conversely, if the merchant has the proper chip-enabled system but the bank hasn’t issued a new chip card to the customer, then the bank is liable.
As on Consumerist reader points out, there are some exceptions to the liability shifts, mainly for gas stations. The Liability shift for Automated Fuel Dispensers (pay at pump) transactions is October 1, 2017.
Of the business owners who currently accept point-of-sale card payments, only 31% say their systems are capable of accepting chip-enabled cards.
When asked if they plan to upgrade their point-of-sale credit card terminals to accept EMV chip cards, just 29% of business owners said they intend to make the change before the Oct. 1 deadline.
Another 34% reported they plan to make the switch after the October deadline, while 21% of merchants say they never plan to make the change.
Business owners reported a variety of reasons for not making the shift by the October deadline:
• 48% feel that upgrading their payment terminal will not impact their business.
• 46% do not want to pay for the costs associated with upgrading.
• 41% are not concerned about the liability shift in the case of fraud.
Additionally, many small business owners – about 42% – expressed concern that the liability switch would reduce fraud for businesses.
“While our industry has made great progress in the last year informing and preparing small business owners for the EMV liability shift, the survey findings show us that we have more work to do,” Debra Rossi, head of Wells Fargo Merchant Services, said in a statement.
The shift to more secure card systems comes at a time when American credit cards represent nearly half — 47% — of all credit card fraud incidents.
The main culprit is one we’ve covered many times before: in the U.S., where magnetic stripe technology is still the dominant way payment cards are accepted, we are vulnerable to software incursions and theft. Simply put, we are low-hanging fruit. Intruding into a system like Target or Home Depot and making off with usable data for tens of millions of payment cards is easy as pie, at least as compared to other nations.