The conventional wisdom for the longest time has been that EMV card systems wouldn't appear domestically because card companies wouldn't offer the technology until merchants could use it, while merchants wouldn't invest in new readers until the cards were widely in use. This limbo allowed other countries in Europe and North America to leapfrog ahead of the United States. The result has been a kind of security system arbitrage that saw the biggest criminals invest heavily in the U.S. market, where their chances at stealing money were the largest. PCI-DSS was a decent effort, but compared to CHIP and PIN, it seems outdated. 

And we've collectively paid the price. 

But now, we can all applaud as Visa exerts more leadership in this area at a time when card issuers are slowly issuing more EMV-enabled cards (for international travelers, for example). The push toward EMV certainly counts as an added bonus, a cherry on top of all the NFC work we've seen lately. The dynamic authentication built into every EMV-enabled card will work with contact, contactless and NFC payments. Even if a payment card's data is compromised, it would still not be usable by the thieves. 

Adoption cannot come soon enough, frankly. To speed thins along, Visa has crafted a three-prong strategy that provides an interesting blend of carrots and sticks aimed at getting merchants to upgrade. 

Here's the carrot: Effective October 1, 2012, Visa will launch its Technology Innovation Program (TIP) domestically. This will effectively waive PCI DSS requirements for merchants who can show that 75 percent or more of their Visa transactions originate from chip-enabled hardware. To qualify, terminals must be enabled to support both contact and contactless chip acceptance, including NFC-based mobile payments. 

Here's the stick:

No later than April 1, 2013, Visa will require U.S. acquirer processors and sub-processor service providers to be able to support EMV transactions. This basically means that service providers must be able to process the additional data embedded in chip transactions. Visa will provide additional guidance for acquirer processors to certify that their systems can support EMV. There will be added costs here.   

Here's a stick disguised as a carrot:

By October 1, 2017, Visa aims to shift liability shift for fraudulent POS transactions for most merchants. Currently, card issuers are liable for POS counterfeit fraud. With the liability shift, if a contact chip card is presented to a merchant that has not adopted contact chip terminals, the liability for the fraud will be borne by the merchant's acquirer. The United States is the only country in the world that has not committed to either a domestic or cross-border liability shift associated with chip payments. 

All I can say is that it sounds good on paper. -Jim