September 14th, 2015 by Elma Jane

The security rules for fraud liability of credit and debit cards will change in the United States, starting October 1, 2015.

The new security rules would prompt major plastic card brands like MasterCard and Visa to upgrade their magnetic stripe based cards to more modern and secure chip technology based cards.

Credit and debit card fraud amount in the U.S. reached around $11.27 billion, in 2012.

With the new rules, any financial institution and payment processing merchant who would not upgrade their cards to chip technology would be held responsible for any committed fraud with their cards instead of their customers. This new rule would effectively transfer the liability in case of a fraud from the consumer to the least secure card provider. The rule specifically says that liability will fall on the bank or retailer with the least secure technology.

If the bank has not given you a new chip card, and you use your magnetic swipe card and there’s resulting fraud, the bank will be responsible for that.

All merchants who do not offer payment terminals that support chip based cards would be held liable for any fraud committed on their premises as well, from October 1. The new rules say that if the card is chip based and the merchants fail to offer a chip based terminal, and a fraud is committed, they would be held liable instead of the card holder.

With chip based cards, the customer would need to insert their card inside a chip enabled payment terminal while making a purchase. Then, they need to confirm the amount and enter a private pin to verify their identity. The customer would also sign for the purchase like using a regular magnetic card.

Besides MasterCard, Visa has already rolled out the new chip based terminals in the U.S. under its Zero Liability Policy.

The chip based cards are more secure compared to the old magnetic technology. That is one of the reasons why the new rules are promoting the chip based technology over the 55 years old magnetic cards.

Not all merchants have to replace their old magnetic terminals and it is still an optional decision, but industry analysts think that the shift of liability in case of fraud from consumers to financial institutions and merchants would likely prompt them to start using chip based technology.

 

Posted in Best Practices for Merchants, Credit Card Security Tagged with: , , , , , , , , ,

June 9th, 2014 by Elma Jane

Some American banks and financial institutions, like JPMorgan Chase, American Express and Citi, have already issued credit cards with new security technology. Other banks will do so by the end of the year. Often referred to as E.M.V. (short for Europay, MasterCard and Visa) or chip-and-PIN, these new cards use a combination of an embedded microchip and a personal numeric code to authorize payment transactions. Depending on the card issuer, some cards may have the chip but require just the old-fashioned signature instead of a PIN.

Most traditional credit cards in the United States today use a magnetic strip and a customer signature to seal a deal. The information embedded in the stripe can be easily cloned, however, and signatures can be forged. The chips in the newer E.M.V. cards which encode account information when transferring it to the merchant are harder to duplicate. The PIN must be entered for each charge, which helps make the cards more secure for in-person purchases. The cards are not infallible, though, criminals have still found ways to steal PINs and make fraudulent online purchases.

With new types of credit cards come new payment terminals, and many retailers must upgrade their equipment to make it compatible with E.M.V. cards. Instead of a slot to swipe the strip, the new credit card terminals typically need a chip reader. Most merchants will probably have the new equipment in place by October 2015, when new rules about fraud liability kick in. Under these rules, the bank or the merchant could be held accountable for any fraudulent charges if one of them has not upgraded to the new system. The party with the weaker security measures must pay.

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , ,