While most retailers in the United States struggle to catch up to the new EMV chip technology for credit cards, Walmart has been ready for nearly a decade.
The nation’s largest retailer installed machines that could read the chip-embedded EMV cards nine years ago, trained employees on using the machines two years ago and turned on the readers in stores in November 2014.
Walmart even went one step further, embedding the company sponsored credit card with EMV chips so they too were ready when the industry-mandated deadline arrived.
“We’ve been pushing for several years to have more secure transactions and we know the EMV cards will provide it,” Walmart spokesperson Randy Hargrove told Debt.org. “The transition has been easy for us. We knew the EMV cards were going to migrate to the U.S. from Europe so we were ready.”
Merchants Slow To Implement EMV Card
Other retailers are taking their time. They like the added level of security an EMV card brings, but have trouble dealing with the costs associated with switching to the new technology. Estimates say it will cost about $8 billion to switch to EMV cards from the current magnetic strip technology.
The EMV card features an embedded chip that is expected to significantly reduce fraud by making it harder to duplicate the data on the card. The chip was the result of a partnership between Europay, MasterCard and Visa (EMV), who imposed an Oct. 1 deadline for cardholders and merchants to have the technology.
Many of the banks that issue cards and retailers responsible for having machines to read the cards missed that deadline, despite the heavy losses from credit card fraud that both have sustained for several years.
Fraud Hits Nearly 32 Million Consumers
An estimated 31.8 million U.S. consumers encountered credit card fraud in 2014, three times the number affected in 2013. Credit card fraud cost the U.S. economy $9 billion in 2014, a 26 percent increase over the $7.1 billion lost in 2013.
Yet only 40 percent of consumers had the chip-embedded cards when the Oct. 1 deadline passed and only 25 percent of merchants had machines capable of reading the EMV cards. The United States is the last major country in the world to adopt the EMV system.
The EMV card, which uses cryptography to generate a one-time use code for each transaction, should reduce fraud because the code can’t be duplicated. That makes it nearly impossible to create counterfeit cards.
Previous versions of credit cards had code stored on a magnetic strip. The code never changed, making it easy to steal data and use it to create counterfeit cards.
“The shift (from magnetic stripe to EMV) is about removing fraud from the system altogether,” MasterCard’s Beth Kitchner said, via email. “The 80-plus countries that have already implemented EMV have seen counterfeit fraud reduced by hundreds of millions of dollars. The goal is to achieve similar fraud reduction in the U.S.”
Losses Going Up Before They Go Down
The problem merchants, banks and card companies are facing is that the thieves perpetrating credit card fraud know the system is changing and their window of opportunity is closing. They have no problem stealing data from the current magnetic strip format so they are expected to exploit that at increased levels until that type of card is phased out completely.
Analysts don’t expect EMV cards and readers to dominate the market in the U.S. until after 2017.
EMV cards were developed in 1994 and became a staple of the European economy in 1998, but the United States has been slow to adapt to them. More than half the credit card fraud in the world (52 percent) takes place in the U.S.
Card companies finally goaded merchants into adopting the technology by laying out new rules that went into effect Oct. 1. Banks and the card companies used to assume liability when fraud was committed, but now the responsibility is shifting to the merchants.
The new rules say that the side that has the least security in their system when a transaction takes place is the one responsible for absorbing the cost of the fraud. Thus, the merchant is responsible if it does not have technology available to read EMV cards when one is presented to them.
“The October 1 liability shift was a milestone, not a deadline,” Kitchener said. “Banks and merchants have an opportunity to review their business models, assess their fraud risks, think through the experiences they want for customers to have and upgrade when it makes sense for them.”