Banks rethinking move to EMV
It was huge news in the bank industry back in August 2011 when Visa announced its plans to finally make EMV a reality in the U.S., which it pitched in very savvy fashion as a way to prepare the market for a roughly concomitant move to NFC. The other big card networks soon followed suit, and big banks are pondering and establishing EMV adoption roadmaps.
The primary motivation for embracing the new card chip technology has always been to reduce fraud. Indeed, the notion that EMV would meaningfully reduce fraud was never rally questioned--until now.
A payments expert at the Atlanta Fed is raising some timely issues about the transition. Douglas A. King notes that card present fraud losses are rather small, in the scheme of things.
"For example, Discover reported $93 million in fraud losses for 2012, or roughly $8 million more than it spent on postage…Is it possible that fraud losses will have a larger negative impact further down the road? Absolutely, and I think they will. I also recognize there are other 'soft costs' associated with card fraud in terms of cardholder inconvenience and overall payment safety perception," he said.
But he's increasingly concerned that "EMV does not address the entire fraud loss problem. It's no secret by now that while EMV has been excellent at reducing face-to-face fraud, card-not-present (CNP) fraud continues to rise because EMV does not effectively prevent it in today's online environment. For example, since the rollout of chip-and-PIN in 2008 in Canada, CNP fraud increased from C$128 million to C$259.5 million in 2011. This is another example of fraud moving to the weakest link in the payments chain. Ultimately, EMV as it exists today only solves part of the fraud equation. Until a cost-effective and consumer-friendly CNP fraud reduction solution gains traction, I believe a business case for EMV built around fraud losses will remain difficult to build."
He questions whether banks will make the EMV move, asking, "Is the business case there?"
My sense is that banks have no choice but to make the move. The consequences for not making the move are too dire. Merchants are incented in the form of PCI-DSS requirement waivers. For banks, by October 1, 2017, Visa aims to shift liability shift for fraudulent POS transactions for most merchants. Currently, card issuers are liable for POS counterfeit fraud.
With the liability shift, if an EMV chip card is presented to a merchant that has not adopted contact chip terminals, the liability for the fraud will be borne by the merchant's acquirer. While this might seem like a shift from one unit of a bank to another, it probably makes sense to avert the issue and continue to embrace EMV.
As of now, the biggest banks have already gotten their feet wet with limited rollouts of EMV-enabled cards. They'll not want to pull the plug on that early effort. While EMV will not solve all problems, it will solve enough to be worthwhile most likely.
- here's the article
EMV confusion reigns