Credit card fraud and business data breaches continue to be a major issue around the world; the situation is even bleaker in the U.S.
The U.S. has led the world in fraudulent charges for the past few years and losses due to card fraud in this country alone are expected to top over $10B in 2015.
For large businesses, the threat of fraud is always persistent, but if there is ever a data breach or a fraudulent transaction, they typically have the money and resources to quickly address the problem and recover from any losses incurred—with any damage to their reputation eventually recovering over time.
On the positive side, recent high profile data breaches have put large businesses on notice that they need to take the necessary steps to ensure their business and customer data is protected. As a result, most large businesses are taking steps to stay on top of security technology and making investments to stay abreast of, and deploy the latest, technology to keep them safe.
For small businesses, however, the situation is different.
EMV for SMBs
Unlike larger organizations, the incentive to proactively research new technology and take action to prevent data breaches and card fraud isn’t that great unless a small business has been directly impacted in the past.
When it comes to technologies like EMV, this is very evident. EMV is a technology that has been around for years and is leveraged as a standard in all the major economies around the world except for the U.S.
EMV leverages chip card technology to make it virtually impossible for thieves to duplicate cards, thereby reducing card fraud at the point-of-sale. Card issuers in the U.S. are beginning to outfit their customers with EMV chip cards.
Unlike mag-stripe cards, on the EMV chip card always remains in the physical possession of the consumer – the consumer inserts the card into a EMV reader or taps it on a contactless sales terminal for the transaction. There is no hand off of a card number to the merchant. There is no swipe.
After October 1, 2015, if a consumer uses an EMV chip card and the merchant doesn’t have an EMV compliant terminal, and the transaction is found to be fraudulent, the liability for any charges is left with the merchant.
What is worrisome is that many small business merchants are not aware of this.
According to market research by Javelin, more than half of small business owners have little or no knowledge of EMV or the upcoming liability shift.
What is more alarming is that nearly three-fourths of small business owners have no plans to upgrade to EMV compliant terminals by the end of 2015.
And the main reason cited for not upgrading: a lack of knowledge around EMV.
But even for those who do know something about EMV and the impending liability shift, many don’t seem to be very concerned. Because they know they’re already liable for fraudulent charges, they don’t see the need to invest in EMV terminals. So to them, the shift really isn’t a big deal.
But they’re wrong.
True, merchants may be liable today in some cases for card fraud – many see it as a risk of doing business. But by shifting to EMV, merchants can eliminate any exposure or losses to card fraud for card-present transaction at their business.
Simply put, the difference with EMV is that merchants have a choice – they can either choose to eliminate risk by upgrading their systems, or do nothing and simply live with the possibility of taking a major hit due to card fraud sometime down the road.
The Market Decides
The other point for SMBs to consider when it comes to the EMV is the power of consumer choice.
As chip cards take hold, consumers will naturally move towards EMV transactions as the preferred way to pay. As they become more aware of technology and its ability to keep their data safe, they’ll naturally gravitate towards it. And if a merchant isn’t ready to take an EMV payment, it will translate into lost business—business that most SMBs can’t afford to lose.
For some small business owners, living with the risk of fraud or potentially losing a few customers is not worth the cost of spending a few hundred dollars to upgrade their terminal
But if a small business is hit with a major loss due to fraud, the cost of recovering financially and the time it takes to regain credibility with their customers may be difficult to overcome. And in the worst case scenarios, it could mean going out of business.
Making the Shift
It’s apparent that a great deal of work needs to be done to make sure small businesses truly understand the implications of EMV and the liability shift after October 1. And though small businesses owners are often pressed for time and resources, that can’t be an excuse for not taking the time to understand this major shift in the payment space.
On the other side of the equation, organizations with a vested interest in seeing small businesses thrive need to do more to find ways to communicate the EMV story in ways that small business owners can digest.
The net of the story is that fraud in the payments industry is alive and well. Less-than scrupulous characters will continue to look for ways to game the system and profit at the expense of small business owners.
But innovation in payment technology hardware and software is giving business owners more help and protection than ever before. The key is making sure businesses of all sizes—not just the big guys—are armed with the knowledge and the tools available to keep their business and their customers safe.
In 2015, it’s important all business owners shift to EMV technology to minimize their exposure to fraud and reduce the hassle of chargebacks. That’s the first step.
And once we put an end to card-present fraud, we can start thinking and talking about card-not present fraud, as that is probably where hackers and thieves will focus their efforts next.