Categories: SecurityWorkspace

America’s Chip And Pin Roll-Out Could Be Expensive

Thanks to the Target data breach, in which some 40 million credit card details were stolen, American credit card providers are finally moving to “Chip and PIN” or EMV credit cards, about ten years after they were rolled out in Europe. But the move will be slow and expensive, it seems, judging by this month’s Senate hearings on credit card security.

The duty to protect card payment systems falls to everyone in the payment chain, so banks and credit card issuers need to provide for up to date security, merchant processors need to be able to handle card payments securely, customers need to have the ability to get secure credit cards, and finally merchants need to have a secure method of accepting payments.

Blaming each other for Chip and PIN delays

If you listen to the posturing on Capitol Hill, another thing that becomes clear is that is that each of the major players claim the slow adoption of secure payment systems might be someone else’s fault. But that’s not the case. In fact, it’s everyone’s fault that the more secure method of processing card payments, the EMV chip and PIN system, isn’t as widely available in the US as it is everywhere else in the world.

The best US businesses can do is to take responsibility for the part of the credit card process over which they have some control. If a firm wants to reduce fraud, it must be able to accept the more secure EMV-equipped chip and PIN cards. These credit cards work by inserting the credit card into a reader, at which point the customer will be asked to enter a PIN on the number pad. At that point the sale will be approved.

Many US vendors believe EMV card acceptance is somehow hard to accomplish and difficult to implement. Turns out, it’s neither. In fact, it turns out that if a US business wants to accept EMV equipped cards, all it has to do is ask the right person.

It’s easy to do

I talked with spokespeople from Bank of America and Chase to find out exactly what’s required for a business to accept the secure chip and PIN cards. According to Joe Rauch, a spokesman for Bank of America Merchant Services the first thing you need is a merchant account with BofA or some other bank that handles the secure card readers. Rauch said that once the merchant is set up to accept credit cards, they will need to purchase the card reader.

The card reader does require an investment of between several hundred to as much as two thousand dollars, Rauch said, depending on the type of machine that the business needs, the details of their point of sale system and how many readers they need.  He said that for most businesses the reader only needs access to a phone line and it will work.

Steve O’Halloran, a spokesman from Chase, said that his organisation will configure the point of sale terminal for each customer, and then ship it directly. “Our goal is to make merchants’ transition to new EMV-enabled terminals as seamless as possible,” O’Halloran told eWEEK in an e-mail.

The process works like this: A business that wants to accept EMV-equipped credit cards calls Chase and requests a new POS Terminal. The merchant services staff at Chase then works with the business to determine which payment networks they want to use. There are several available in the US Once that’s done, the folks at Chase register the terminal with the networks and teach the merchant how to use the terminal if they don’t already know.

Once Chase sets it up, the terminal is able to accept EMV-enabled payments as soon as it’s connected to a working phone line. The terminals come from Chase Paymentech, which is the payment processing company that handles Chase credit card processing. The terminals are capable of automatically updating themselves remotely. Chase sells a terminal that the company says is future proof, and comes able to accept any sort of payment card currently in use.

So what’s the hold-up in accepting EMV chip and PIN cards? Partly it’s because many businesses don’t know how to go about getting the new machines. Partly it’s because the credit card processing companies don’t all provide EMV-enabled point of sale terminals. And partly it’s because a fairly significant number of companies use proprietary software in their POS terminals and that software needs to be modified so that EMV-capable readers will work.

For larger companies, it’s the sheer size and cost of the project. Target officials said during its Senate hearing testimony that the cost of converting all of its POS machines to accept EMV cards will be about $50 million dollars. That’s a lot of money, because Target has a lot of terminals. You can expect that a company of similar size will find the costs are about the same.

But companies are going to have no choice but to accept EMV-capable cards by October 2015 because at that point credit card issuers are changing the rules so that merchants without the ability to handle EMV-equipped cards will be liable for credit card fraud. That could be a lot more expensive than buying the right machines and getting the right software.

Try our Big Data Quiz!

Originally published on eWeek.

Wayne Rash

Wayne Rash is senior correspondent for eWEEK and a writer with 30 years of experience. His career includes IT work for the US Air Force.

View Comments

  • I am both a card user and a business with merchant account to accept credit or debit cards, and my processor has a pin pad for client to enter their pin.

    I have called my processor; they are prepared to replace my terminal at no cost to me! It's as simple as that.

    Banks and others tell us incomplete information!

    One bank issuing a card to me, sent me a replacement card with chip but also as magstrip on back. It's time for others to get a grip!

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

2 days ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

2 days ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

2 days ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

3 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

3 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

3 days ago