The October 1st EMV standard deadline has come and gone, and nearly 75% of U.S. merchants have not yet upgraded their magnetic-card-swipe terminals to new ones compatible with EMV cards.
There are lots of reasons for this – the upgrade is expensive and EMV only addresses purchases made with a fraudulent credit or debit card at the point of sale. Businesses that are the targets of fraudulent cards are typically those that sell high-priced items suited for resale on the black market or gift cards, which can be converted to cash by fraudsters.
While EMV is not mandated or required – it is only a matter of time (likely several years) where all terminals in the U.S. will need to read chips. So do merchants put it off or make the switch now? And if they make the switch now, should they consider a different payment method than just a regular old point of sale terminal – should they consider mobile?
Upgrading to EMV terminals has opened up a massive availability for mobile payment opportunities, as the upgraded terminals provide merchants the ability to easily add a pay-by-phone option. PCI Council General Manager Stephen Orfei recently spoke to BankInfoSecurity on how the migration to EMV in the United States will facilitate faster adoption of contactless mobile payments.
“We’re going to be very focused on mobile, as mobile is the future of payments,” Orfei says in an interview with Information Security Media Group. “With regard to mobile and EMV and contactless payments, the thing that is very exciting about the EMV implementation here in the U.S. is that as we move to EMV technology, RFID [radio frequency ID] and NFC [near-field communication] comes with it.”
Orfei discussed how the Council is doing more to help merchants understand the cyber risks they face by publishing guidance and best practices. PCI’s recently published infographic on devaluing card data maps out the three technologies essential to protecting data in the transaction process – EMV, Tokenization, and Point-to-Point Encryption (P2PE) version 2 standard.
You can listen to the full interview (by clicking under the picture of Mr. Orfei), which also discusses:
- Why the shift to EMV will spur upticks in ATM and pay-at-the-pump skimming attacks;
- How EMV could help reduce demands for PCI compliance; and
- How complementary technologies, such as encryption and tokenization, can help merchants devalue card data to secure transactions.
Bluefin firmly believes that each of these solutions play an important role in a holistic payment approach to security. Bluefin provides merchants with a PCI-Validated P2PE solution as well as Tokenization – both standard security offerings available on Bluefin’s PayConex Platform and Bluefin’s QuickSwipe mobile product.
So it’s not that EMV and mobile payments are coming – they are already here! Learn more about PCI Security Standards and how a holistic security approach to security is vital the success of your business.