EuroPay, Mastercard, and VISA (EMV) Credit Cards Force Needed Security Upgrade with “Liability Shift”

Caleb Chen @bitxbitxbitcoin
October 26, 2014

The way that you pay with your credit card will start to change starting October of 2015. EuroPay, Mastercard, and VISA (EMV) are pushing a new standard in the United States, one that has already been adopted outside of the states for some time. Swipe-and-sign transactions, which rely on a magnetic strip, will be replaced by a microchip.

The microchip is superior to the magnetic strip because the magnetic stripe contains unchanging information that can be used to execute additional transactions; in contrast, if the microchip’s transaction information were “swiped,” the data is not viable to execute additional transactions, a necessary security improvement for the current American payments system that Bitcoin has already provided. Swiping will be replaced by contactless (“NFC”) data transfer or credit card “dipping,” and signing will eventually be replaced with the entering of a pin.

Also read: Sears’ Kmart Loses Customer Card Information in Data Breach

EMV Will Be Adopted Because of a Liability Shift

After October 2015, there will be a “liability shift.” Merchants can choose not to upgrade their PoS systems to support chip-and-pin transactions; however, they will then bear the liability for any fraudulent charges from customers using a chip-and-pin card. Likewise, if a merchant has upgraded and is faced with a customer that has not received a new chip-and-pin card from his or her bank, the liability shifts to the bank in that situation. Mastercard’s Carolyn Balfany explained to the WSJ:

The key point of a liability shift is not actually to shift liability around the market. It’s to create co-ordination in the market, so you have issuers and merchants investing in the migration at the same time. This way, we’re not shifting fraud around within the system; we’re driving fraud out of the system.

Balfany added that there are additional benefits to consumers beyond security improvements:

One thing to remember is this migration really isn’t about a single device or technology, it’s about establishing a technological platform for the next generation of payments. So the EMV standard that we are moving toward isn’t limited to chip and PIN cards, it also includes things like contactless payments, where you can tap the card against the reader, all with the same level of security. Card issuers will probably always issue a card, but in this system an  account can be resident in multiple places – so you can have the card, but also maybe a tag affixed to your phone for mobile payments, or a fob on your key ring.

Given the liability shift and the involvement of the banks, who almost all exclusively deal in Mastercard and VISA cards, it is unlikely that the EMV shift will receive as much pushback as ApplePay. Especially around America, the recent rash of credit card information heists on a grand scale has forced the hands of major companies. The migration to EMV has been planned since 2012 and the set deadline for the liability shift, the incentive switch that will drive fraud out of the archaic system, is October 2015.

What do you think about the EMV migration? Comment below!

Images from Shutterstock.

Caleb Chen @bitxbitxbitcoin

Caleb is a graduate of the University of Virginia where he studied Economics, East Asian Studies, and Mathematics. He is currently pursuing his MSc in Digital Currency at the University of Nicosia.