Complying with the EMV shift—the move to align credit and debit cards in the United States with proprietary chip technology—is extremely complex and expensive for merchants, and does not do enough to protect retailers from frees and risks associated with fraud, said Mallory Duncan vice president and general counsel at the National Retail Federation.
Duncan made his remarks during his keynote address at The NATSO Show 2016. He told attendees the U.S. credit card industry has not done enough to prevent fraud and could implement a number of measures, such as requiring a personal identification number to approve transactions.
Merchants pay for fraud from transactions by unauthorized users of cards. Banks pay for fraud from counterfeit cards. However, the transition to EMV technology moves the liability for fraudulent, counterfeit transactions to retailers if they haven’t installed EMV-compliant devices for in-store purchases. Truckstop and travel plaza operators will need to update pay-at-the-pump technology by Oct. 1, 2017, or could be held liable for any fraud.
Ultimately, Mallory said, EMV doesn’t reduce fraud. “It reduces the fraud for the banks because if you haven’t installed the equipment if a counterfeit card is introduced. They’re passing all of the costs from an old system and rather than re-design the system,” he said.
The National Retail Federation took a position that card signatures must be replaced with PINs to have effective card security, but the credit card companies have avoided PINs.
Mallory said the rules regarding credit card fees and fraud are made collectively by 10,000 banks. “Our credit card system is basically a walking, talking anti-trust system,” he said.
Duncan said educating lawmakers on the credit card issues and how they affect retailers is crucial. “The legislators are operating in the same environment consumers are and that is a lot of misinformation. They assume the breaches are caused by retailers,” he said.
In truth, only 8 percent of breaches occur at the retail level. The majority take place within a service provider, but the way existing laws are written, it is the retailer that have an obligation to report a breach to consumers, which is why their names are associated with the problem.
NATSO members will have an opportunity to discuss concerns over the current credit card system with their lawmakers during the NATSO Day on the Hill event May 16-18 in Washington, D.C.