Key considerations when moving to EMV
With just more than a year until the U.S. reaches the Fraud Liability Shift deadline, the time is right for the U.S. to join more than 80 other nations in adopting the more secure EMV card. In fact, in its report on global card fraud, The Nilson Report noted that the U.S. is the only region where counterfeit fraud continues to grow consistently, accounting for 47.3% of global losses in 2012, while generating only 23.5% of the total transactions volume. While all of the causes of card fraud are not the same, these numbers speak to the urgent need for more secure technology.
Typically, when merchants first consider the migration to EMV, their focus is on the hardware: what card reader do I need to allow my POS terminal to accept chip-and-PIN?
But, as industry consultant Rick Oglesby noted recently in PaymentsSource, “The differences between the mag stripe reader and the EMV reader go beyond physical attributes.”
EMV conversion doesn’t begin and end with the card reader, and this is where experience matters. Successful EMV migration and implementation includes an understanding of all of the technical considerations affected by the move to a chip-based card – or a partner who does. Only then will you feel confident in providing your customers with the solution that will make their transition as trouble-free as it can be.
Beyond the hardware, three additional considerations include:
1) The Workflow
The transaction process in chip card acceptance is significantly different than that of a mag stripe card. In an EMV transaction, the application and software Kernels – the functions that provide all of the processing logic and data to complete a transaction for each card brand – reside on the terminal, and create several more “steps” and data fields in the transaction process. This means that in the migration to EMV, not only does the actual hardware accepting the chip card need to be upgraded, but the software that supports the payment transaction through the POS does too.
2) Security and Compliance
EMV conversion requires multiple levels of hardware and software compliance testing to ensure that the chip on the card and the terminal application interact as they should. There are three Level Types of EMV certification, and EMV-enabled terminals like the T-Series have already received Level 1 and 2 certification.
The compliance process is not a one-time event, however. Certifications will need to be repeated every three years. And, even with EMV certification, the need for PCI compliance is not eliminated. In both of these, pre-certified solutions from experienced providers can significantly reduce migration and implementation time.With EMV and even other, yet-to-come payment technologies, these newer systems will continue to need software updates as changes are made to EMV Kernels and applications, in order to be able to keep accepting the cards. So any EMV migration plan should also include clear and defined maintenance. As with any software, Systems that are next-generation today will be scalable and flexible for tomorrow.
As a global company with its roots in the EMV-experienced U.K. and decades of payments industry expertise among its executive team, PowaPOS is one of the most experienced – and tested – POS partners in the world. From our EMV-enabled PowaPIN, which integrates seamlessly with the innovative T-25, to the PowaPOS SDK, which provides a secure interface to PCI and EMV compliant devices, we can help reduce EMV migration time reliably, while providing a robust, scalable, and stable solution.
Powa has been actively involved in Cards & Payments Asia conference and expo.
By Carlos Romero, Chief Technology Officer, PowaPOS