It's no surprise we'd eventually see a concerted effort to make more secure credit cards. Tech professionals have long reported on the myriad ways crooks can skim credit cards and manipulate magnetic strip readers (see Krebs on Security's in-depth rundown), and now financial institutions are finally rolling out their solution to the problem: chip-enabled cards.
As The Washington Post reports, American consumers have started to receive credit cards with a special security chip (aka EMV technology) in them. The idea is that chip will be more effective at cutting down credit card fraud than the magnetic strip alone because…
- The embedded microprocessor chips store and protect cardholder data.
- The dynamic authentication prevents easy duplication or skimming.
But the new cards come with a catch – they require credit card readers that can scan the chip. And once banks finish sending out these new cards by October 1, 2015, they expect merchants to have the chip-enabled card readers ready to go.
As you might've guessed, that's an easy enough switch for businesses with money to spare. But for small businesses? The report states 28 percent of them aren't aware these new chip credit cards and their special readers even exist.
Let's review why hiding your head in the sand about the latest payment tech is not a viable option for your business.
Can You Ignore the Card-Reader Overhaul? Short Answer: No
Financial institutions have plenty of incentive to prevent data breaches through these more secure cards. Often times, they end up paying when consumers' credit cards are compromised and fraudulent charges are made.
It makes sense, then, that these institutions would try to incentivize merchants to use their approved technology. They want to limit their own financial liability, which is the reason for the new cards in the first place.
The interesting thing is that if you don't adopt chip-ready readers, that financial liability shifts to you. As Chase Paymentech puts it, once the October 2015 deadline hits, if you haven't invested in chip-enabled technology, you may be have to foot the bill for card-present counterfeit and credit card fraud that could have been prevented if you'd used the chip-enabled POS system.
In other words, whichever party has the lesser technology will bear the liability. That means you can't blame the payment processor for your POS breaches. The responsibility and cost accompanying those breaches would be yours alone. For some quick facts about the prevalence and cost of data breaches, read "Top 8 Data Breach Misconceptions."
Prepping for October 2015: Card Reader Compliance Tips
You may have invested a fair amount in your point-of-sales system and devices, which means this upcoming switch is all the more unpalatable. But keeping outdated POS systems may be a more expensive move down the road if that older system is compromised.
To comply with the new payment tech expectations, you simply need to invest in a chip-enabled card reader. The good news is not all chip-ready readers are poised to break the bank. According to The Washington Post…
- Square is offering free chip-enabled readers for a limited time.
- PayPal and Amazon plan to roll out their own mobile readers.
- The cost of the new technology has decreased significantly thanks to all the competition.
Of course, the decision is ultimately yours, though there is plenty of incentive to make the switch.
To learn more about security concerns and mobile card readers, check out the post "Process Credit Cards on a Mobile Device? Here's the Good News & Bad News (and Good News!)."