Posts Tagged ‘payments’

Fraudulent Credit Card Transactions Will Become Merchant’s Problem On Oct. 1

Wednesday, September 9th, 2015
Credit Card Fraud Prevention - Ohio CPA Firm.

As of Oct. 1, 2015, the liability for fraudulent transactions will no longer be assumed by the credit card issuing institution. Instead, if you (the merchant) fail to adopt EMV technology, your business will be responsible for any loss that results from a fraudulent transaction.

PCI to EMV – Protecting Credit Card Data

Your customers want their payment experience to be as easy and painless as possible, which is why you have come to depend on the ability to process credit card payments – especially if your average transaction is more than $20. But providing your consumers with the ability to pay with plastic has also been helpful to fraudsters looking to steal the information hidden within their card’s magnetic stripe. In an effort to crack down on fraudulent transactions, protect consumers and transfer liability from the credit card company to your business, the United States will begin to implement Credit Card EMV (EuroPay, MasterCard and Visa) technology.

Read Also: Businesses Beware: Sloppy Data Security Could Cost You

Change Is Necessary

Due to the increasing number of credit card breaches where millions of credit card numbers and associated data have been stolen, the industry has forced retailers and merchants to adhere to PCI (Payment Card Industry) Security Requirements. Supported by the PCI Security Council, the ultimate goal of EMV is to stop and prevent further fraudulent activity. Success has already been noted in countries outside the U.S. “Currently, almost half of the world’s credit card fraud happens in the U.S. where magnetic stripe technology is the standard,” states David Navetta and Susan Ross in a blog on Data Protection Report. “Outside the U.S., an estimated 40 percent of the world’s cards and 70 percent of the terminals already use the EMV technology. These countries are reporting significantly lower counterfeit fraud levels with EMV cards than with the magnetic stripe cards.”

Understanding EMV Technology

Credit Card EMV technology, which has been used in Europe since the early 1990s, replaces the magnetic stripe we have grown accustomed to with an embedded chip that, scrambles sensitive cardholder data at the point of sale terminal. This technology ultimately makes it more difficult to access and replicate consumer data in an attempt to commit fraud.

Businesses Can’t Afford Not To Comply

Why should you be concerned about the credit card industry’s switch-over to EMV technology? As of Oct. 1, 2015, the liability for fraudulent transactions will no longer be assumed by the credit card issuing institution. Instead, if you (the merchant) fail to adopt EMV technology, your business will be responsible for any loss that results from a fraudulent transaction. If your business currently accepts credit cards as a form of payment (and you would like to continue this practice), unless you want to be hit with potentially devastating losses, you must make sure to install and activate the new technology before the Oct. 1 deadline. That being said, some types of businesses will have a little more time to comply. If you aren’t quite sure whether or not your business is exempt, visit the website of each payment brand you accept to learn more.

Next Steps

  1. If you have not investigated or planned for EMV Technology, contact your card processor immediately to determine your business’s specific needs.
  2. Implementing EMV technology can be a cumbersome and time consuming project, but the best way to protect yourself from fraud and liability is to implement the new technology as soon as possible.
  3. If EMV technology has been implemented be sure to confirm that the chip reading capability has been enabled. In addition, confirm with issuers that cryptographic values are being associated with the card number to ensure that the EMV technology has been setup and configured properly.  Verifying that cryptographic values are being assigned will eliminate the chance of misconfiguration and possible fraudulent activity.
  4. Train your staff on the new procedures. When a customer tries to pay for a product or service using their card, they will notice some changes, such as their credit card being held in the EMV reading slot throughout the entire transaction process. This is normal, however your staff should be prepared to answer the questions that will certainly arise.

By Joe Welker, CISA (New Philadelphia office)

Want to learn more ways you can protect your business and your customers from a fraudster? Check out these articles:

Could Your Company Be Ransomware’s Next Victim? Don’t Turn A Blind Eye To PCI Compliance How Much Is Your Data Worth To Criminals?

Share Button

Will You Be Paying With Cash, Credit Or Bitcoins?

Wednesday, January 29th, 2014

Bitcoin has been all over the news lately, and you may be asking – what exactly is it? Bitcoin is a virtual currency. Only existing online, it’s powered by its users and not backed by any government agency. This new currency offers anonymity, convenience, helps facilitate international commerce and can fluctuate in value. Check out www.bitcoin.org for more information and frequently asked questions.  (more…)

Share Button