Put down the credit card.
And read the instructions on the screen before instinctively swiping it.
The standard for merchants' accepting credit card payments is about to change, if it hasn't already.
Credit card technology that's more individualized and tougher on fraud has arrived, and it's changing the way consumers will pay for their day-to-day purchases.
EMV cards (which stands for Europay, Mastercard and Visa, the companies that created the new standard), also referred to as "chip cards," feature a computer chip about the size of your thumbnail. Customers insert their credit or debit cards into the terminal chip side-first rather than swiping the card's magnetic strip.
EMV technology has been around for years in Europe, but is just making its way to the United States.
"Because America is not EMV-enabled, we are a higher target for fraud," said Dan Westhues, senior vice president for retail banking at Central Bancompany. "The faster banks get EMV out and the faster merchants accept it, the lower target we become."
EMV's fraud prevention deals with how cards communicate customers' personal information.
"All the chip is doing for us is making every transaction unique," Westhues said. The credit cards most Americans are familiar with store customers' personal information on a magnetic stripe (or magstripe) that communicates that information the same way in every transaction. "The chip has all that same information, but it also has a one-time code that is synced with whatever it's communicating with."
The tiny computer chips on EMV cards are also more difficult to replicate than a magstripe.
"It's really cool technology, but it's complicated, which is why it's secure," Westhues said.
Retailers who have have implemented EMV payment technology already likely did so to meet the liability deadline set by the major issuers of credit cards in the United States, which passed Oct. 1 of this year. Since that date, merchants assumed liability for all credit card fraud that happens when a customer uses the magstripe capabilities of an EMV-capable card for a payment on a non-EMV terminal.
"That's what's going to push EMV going forward," Westhues said. "If you have a chip in your hand and you use it at a merchant that is not chip-enabled, they now assume the liability."
Moving target
If you haven't been asked to insert your chip-enabled card into a terminal yet, it's likely because many merchants haven't fully implemented EMV technology despite the Oct. 1 liability deadline.
Only 29 percent of small-business owners nationwide who accept credit cards planned to comply with the EMV standard by October, according to the results of a survey conducted by Gallup and Wells Fargo and released in August. In fact, only 49 percent of U.S. small-business owners who accept credit card payments were aware of the upcoming change when the survey was conducted in early July. At that time, 34 percent of card-accepting small-business owners did not even plan to upgrade their systems at all.
Credit card companies and banks issuing credit and debit cards aren't all the way there, either. At the end of 2014, only 7.3 percent of credit cards in the United States were chip-enabled, according to EMVCo, the organization responsible for managing the EMV specifications.
"Right now, we believe about 60 percent of all cards being issued in the United States will be chip-enabled by the end of the year," Westhues said. "Merchants, we believe, will be close to 50 percent by the end of the year."
"They decided to put this deadline of a liability shift knowing that our industry would push that, because whenever Visa and Mastercard come out and say, "There's a big shift here,' it gives us an opportunity in our industry to go back to customers and re-sell something," said Neal Tichelkamp, president/CEO of Ladera Business Solutions, a Jefferson City-based merchant sales and servant organization that acts as a third-party payment processor for businesses nationwide. "What we're running into at a lot of the smaller banks, they're not issuing the EMV cards on their debit cards until probably the middle of next year because most of the issuers are so far behind and they're taking care of the biggest customers first. ...
"There's going to be delays. When you're dealing with hundreds of millions of customers, there's no way around it."
As EMV becomes the norm, more businesses likely will opt for it as an added benefit of other upgrades.
"Merchants now want to accept Apple Pay, and they want to accept mobile-type payments, so they're having to upgrade their systems anyway. So that's kind of helping them get into EMV as well," Westhues said.
Upgrading payment processes
Dealing with fraud on a larger scale, national retail chains like Walmart, Target and Hobby Lobby have installed EMV-capable payment terminals in their stores, including those in Jefferson City. Smaller businesses have made slower progress, generally.
Missouri Furniture, which operates Jefferson City, Columbia and Springfield stores as well as six more across the state, upgraded its nine point-of-sale credit card systems in September with customers in mind.
"I think they get peace of mind out of it that you're using the new technology that keeps them from getting ripped off," said Missouri Furniture owner Dave Faiferlick.
Still, fraud was not a major concern for the business, and the upgrade came with a roughly $5,000 price tag just two years after the furniture retailer had paid to replace its payment systems with non-EMV models.
"In our business, we deliver most of the stuff we sell. We normally know where everybody lives when we sell stuff. We can track them down," Faiferlick said.
At Marsha Everts' single-location store, EMS Professionals on West McCarty Street, EMV capability came along with a needed point-of-sale system upgrade.
"We were using a general accounting system, which was not a good point of sale," Everts said, noting the previous system required manual entry and printed full-page receipts, slowing down the checkout line. She was not overly concerned about preventing fraud in her line of work, but said she appreciates the protection EMV provides anyway.
"Now I'm glad I have it," Everts said. "It was an expense to us, but in the long run is going to save us money," in terms of both speeding up checkout and keeping fraud liability off the business.
While EMV-capable payment systems are not exactly common in Jefferson City at this point, Westhues estimated Central Bank has installed them for about 20 of its local merchant customers. The technology's more widespread use could depend on employee training and businesses' weighing the benefit of EMV use against the extra time and confusion it might add to customer transactions.
"A magstripe transaction run in the United States on a clear communication is going to take six to 10 seconds. An EMV chip transaction is going to take probably 15-20 seconds," Tichelkamp said. "In most businesses, that's not a big deal, but in a lot of businesses that difference in the checkout line is going to be hard to absorb. They're going to have to come up with a better process, which means training employees."
Westhues added: "I don't know if merchant acceptance isn't as much about money as it is about process because every day is a dollar and every transaction is important."
A place customers likely have not noticed prolific EMV use is restaurants.
Retailers are "very transaction-oriented. They're swiping all day long: "Here's the ticket, sign it, and off you go,'" Westhues said. "Restaurants are different because sometimes it's being sold as integrated software."
Typical restaurant point-of-sale software includes functions like reservations and table organization in addition to payment processing, and vendors of that software have more to consider when updating those programs for EMV. Plus, an EMV transaction requires that the credit card remain in the terminal until the transaction is complete, making it nearly impossible for a customer to add a tip after paying the bill,.
"You can go back and tip-adjust an EMV card, but most of the processors haven't built the software for that," Tichelkamp said. "So it's going to be a situation where in a lot of the restaurants they will have to say, "Do you want to leave a tip?'"
Restaurants whose customers already pay at the front desk might have an easier time with such a system - "you just have to decide what your tip's going to be before you run the card," Westhues said. But in restaurants where such a process is not a practical solution, no easy answer exists yet.
"The best solution is handhelds, but you want to talk about expense," Westhues said, noting handheld terminals
that allow for full payment transactions at the table are commonplace in Europe. "They've just got more work to do as an industry. ... There's solutions that are coming, but they're just not all there yet."
Risk vs. reward
Mid-Missouri is a relatively low-risk area when it comes to credit card fraud, Tichelkamp said, meaning merchants that have not updated their payment systems may not have much to worry about.
So why worry at all?
"For the merchant and for the banks, there is added cost," Westhues said. "The payoff is less fraud, obviously, and that payoff, I think, is going to come quickly, both for banks and for merchants."
Tichelkamp estimated a system upgrade could cost a business anywhere from $130 to $1,500, depending on the number of terminals and software requirements. Some processing companies even offer free EMV upgrades with certain contract stipulations.
"There are options that are just as inexpensive as anybody wants," Tichelkamp said. "It's just a matter of whether they really want to."
Some businesses might decide the investment wouldn't pay off, depending on the amount of fraud they encounter.
"There's so many low-risk customers out there," he said. "In a situation like that, where there's just very low risk on a business, the only reason for them to do that is convenience for their customers."
A higher-risk business might be a jewelry store or a retailer that sells a product fraudsters could easily buy a lot of then turn around and sell.
"We tell even our low-risk customers, "Look, if you don't want to do it now or you don't do it before October, when your machine needs to be updated, then you definitely want to do it."
Related article: