Four Considerations on the Path to EMV Compliance
With the EMV mandate approaching on October 1 requiring retailers to implement EMV-compliant POS terminals or be held responsible for any fraud losses after that date, retailers need a roadmap to prevent financial liability. EMV encryption provides a number of benefits, most notably, protecting cardholder information with each transaction from the moment the card is inserted and information is then transferred through the payment process.
According to Bank Info Security, 600 million EMV cards are expected to be in circulation by the end of 2015, putting the impetus on retailers to provide terminals capable of protecting consumer data and decreasing reliance on outdated magnetic stripe reader technology.
Some of the largest retailers in the U.S. have already implemented EMV POS terminals, but for retailers, both big and small still seeking avenues to EMV compliance, here are four considerations on their journey:
Picking the Proper EMV POS Terminal:
EMV POS Terminals have a variety of features, some required, some optional, according to a report from MasterCard Advisors. Some of these features include Offline Data Authentication (ODA) and PIN support. To ease the process of selection, terminal vendors can provide Implementation Conformance Statements (ICS), which offers retailers a breakdown of what EMV features each POS terminal provides so retailers can make a determination what works best for their business to meet customer expectations.
Implementing End-to-End Encryption (E2EE):
E2EE is another component of payment security that works in tandem with EMV. While it isn’t required for EMV compliance, E2EE is quickly becoming more common to further protect credit card data and it is recommended retailers implement this encryption along with EMV, according to pymnts.com. E2EE ensures data is protected as it is in motion through the payment process.
While E2EE focuses on protecting data in transition, tokenization focuses on encrypting data at rest as retailers store customer payment card information to track purchases and to assist in refunds. Tokenization replaces card data with a unique numerical token which is utilized by processors. Retailers choosing such a solution, should consider whether it uses ‘format-preserving’ tokens, according to the above report from pymnts.com, where the token is the same format (15 or 16 digits) as the primary account number. Format preservation is essential for integrating many accounting and reporting software systems and allows retailers to confirm payment with customers by referring to the last four digits of the account number, according to the report. This helps expedite the process of EMV payments, which leads to faster transactions.
Installing Contactless EMV:
NFC (near-field communication) payment cards have made their way onto the market with Apple Pay, Google Wallet and CurrentC, providing customers with a fast and convenient payment process. On the road to EMV compliance, retailers should consider installing EMV contactless payments which can provide the best of both worlds with increased security and an expedited checkout.
As the EMV mandate approaches, retailers will have a variety of considerations with regards to their business from preferred POS terminals, payment security and customer service. While the implementation of EMV will prove to be lengthy and require some large upfront costs, the potential benefits to the U.S. payment system could be massive with its European counterparts having seen massive reductions in fraud from 2007-2012.
To learn more about Panasonic’s retail solutions, check out the industry’s first all-in-one mobile POS tablet with an integrated EMV reader, the Toughpad FZ-R1.
Be sure to check out Panasonic Solutions for Business blog periodically for additional posts about EMV implementation as the mandate approaches this fall!