Are EMV Chip Credit Cards Now Required by Law?

Enhanced security features became widespread in 2015 due to industry standards, not government intervention.

Sean McQuayOctober 1, 2015
On a similar note...
On a similar note...

Many or all of the products featured here are from our partners who compensate us. This may influence which products we write about and where and how the product appears on a page. However, this does not influence our evaluations. Our opinions are our own.

October 1, 2015, is the day of the much-discussed EMV liability shift — the reason your credit cards now have or will soon have chips embedded in them. But who decided that? Did the U.S. government pass a law requiring it?

In short, no. EMV chips are not required by law, but rather by industry standards.

The U.S. government could have stepped in and forced the credit card industry to adopt EMV technology, which is aimed at preventing fraudulent use of credit cards in transactions where the card is present at a merchant’s terminal. But it's not the government driving the shift.

Banks and the networks that process payments (such as Visa and MasterCard) prefer to avoid regulation, so they decided to “pull the trigger” on EMV themselves. If government had mandated the switch, it could have backed it up with fines or tax penalties. But the processors don’t have that kind of firepower, so instead they created the “liability shift” to produce an incentive.

What does the liability shift mean? First, it’s important to understand counterfeit fraud liability.

Before October 1, 2015, any time a consumer’s credit card was duplicated and used for purchases, the bank would refund the fraudulent purchase to the store, with the understanding that the bank could have done more to prevent the fraudulent transaction from occurring. This created an incentive for the bank to verify the cardholder’s identity.

Starting October 1, 2015, that liability for fraud shifts from the bank to the store in cases where the bank has provided an EMV credit card but the store has not upgraded to an EMV terminal. The logic behind this is that the credit card issuer did everything in its power to protect the consumer, and the store ultimately dropped the ball, so to speak. This creates the incentive for both the bank and the store to upgrade to EMV — so the bank can avoid refunding fraudulent transactions and the store can avoid losing money on fraudulent transactions. If neither the credit card nor the store is EMV-ready, then the traditional liability rules apply.

A couple additional points consumers should be aware of:

  • There is no clear path forward for applying EMV technology to debit cards, so the liability shift  does not affect debit cards. One study predicts that only 25% of debit cards will be chip-ready by the end of 2015. These chip-ready debit card implementations are being developed by the banks themselves, not by the EMV consortium.

  • In either scenario — before or after the liability shift — consumers are never liable for fraudulent credit card transactions. Credit card fraud can be a distressing experience for consumers, but rest assured, your bank accounts won’t be hit.

We want to hear from you and encourage a lively discussion among our users. Please help us keep our site clean and safe by following our posting guidelines, and avoid disclosing personal or sensitive information such as bank account or phone numbers. Any comments posted under NerdWallet’s official account are not reviewed or endorsed by representatives of financial institutions affiliated with the reviewed products, unless explicitly stated otherwise.