Anytime there’s a major shift in technology there is a ripple effect. EMV is about to create some ripples.
We recently hosted a webinar with the CEB TowerGroup about Europay MasterCard Visa (EMV) credit card adoption and the connection it has to card-not-present (CNP) fraud. It was fascinating to hear Brian Riley of CEB outline the evolution of the credit card industry. This history has shaped where the industry is today in the United States and by extension the type of fraud it faces.
It wasn’t until the 1980s that credit cards became a mass market business and consumer oriented. Before that time, they had a limited audience and were used primarily by very wealthy people or frequent business travelers. Transactions were processed offline by hand using carbon copies—dumpster diving for account numbers on the carbon was the big type of fraud at that time.
A divide in the global market occurred when the United States began to authorize transactions in real time over a phone line. The cost of the authorization in the United States was inexpensive at approximately three cents a call. In Europe, it was much higher at 35-40 cents a call and this was not a feasible model. This is when Europe and the United States took different paths and there became two different approaches to card authorization.
The first version of the EMV system was released in Europe in 1994 and the specifications became stable in 1998. EMV cards are also known as smart cards or chip and pin cards. They are extremely effective at stopping in-person credit card fraud. Every time an EMV card is used, the chip in the card creates a unique transaction code that cannot be used again—magnetic-stripe cards don’t do that. EMV will sharply eradicate both counterfeit and lost/stolen card fraud in the United States. This is why there is a push to adopt EMV technology by October 2015.
One misconception that many people have is that there is some kind of legal requirement driving this transition in the United States. This is not the case. The credit card industry itself is requiring the switch to EMV. No one in the industry expects 100 percent compliance by October 2015—in fact many are predicting we will only be at 50-60 percent adoption. However, at that time liability for card present fraud shifts to this least complaint party. Point-of-sale merchants without EMV capabilities will become liable for chargebacks.
The United States is approximately a decade behind other countries in adopting EMV cards. One of the benefits of being late to the party is that we can learn from our European counterparts. Every country that has adopted EMV cards, and made in-person transactions more secure, sees a corresponding spike in CNP fraud. Businesses in the United States that rely on CNP transactions are being urged to fortify their fraud efforts and strategy for what’s to come. By 2018 CEB expects to see CNP transactions double from the current 12 billion to 20 billion. That growth provides a lot of incentive to fraudsters looking for a big pay day.
Anytime there’s a major shift in technology there are ripple effects. EMV significantly cuts counterfeit card fraud but it will also shift fraud to CNP. We are on the cusp of change and now is the time for businesses to get ahead of the fraud to come, look at their current strategies, and apply a strong, layered approach to online fraud.
You can watch a recorded version of our webinar, Get Ready for EMV and CNP Fraud to find out how device based intelligence can stop online, CNP fraud.
Are you ready for the EMV adoption and a rise in CNP fraud? Tweet us at @iovation and let us know what you’re doing to get ready.