One year ago this month, EMV technology arrived in the U.S. credit card market — kicking and screaming, some critics may add. Just like a newborn baby, these new “chip cards” have upset our habits, placed extra demands on our time and elicited all kinds of opinions on how to deal with the change.
But ultimately we’re glad we made the plunge … right?
Evidence is showing that these chips are indeed making credit card transactions safer, and a recent NerdWallet survey found that most consumers view the switch positively. Plus, the technology has opened the door to faster and more convenient payment options in the future.
Why did we make the switch?
Before EMV, if bad guys wanted to clone your credit card, all they had to do was make a copy of the data on the magnetic stripe of your card and write that information onto another “magstripe,” like one found on a hotel key card. Fraudsters could then swipe the cloned card at a store and — as long as the cashier didn’t ask for ID or confirm the signature — they could buy stuff on your account.
Banks have tried for years to stop this practice by building internal algorithms that learn how and where you spend your money, so they can flag any purchases that deviate from your norm. But their systems aren’t perfect. Just last year a fraudster made a copy of my card and spent $2,600 at Saks Fifth Avenue in New York. Although my bank, Chase, approved that transaction, it recognized something was fishy and asked me to verify after the fact. I informed Chase that I hadn’t made the purchase, and the charges were removed. The fraudster walked away with the goods, Saks was paid, and Chase wrote it off as a $2,600 fraud loss on its books.
EMV technology was developed by Europay, MasterCard and Visa (hence the name) to prevent this kind of fraud. The chip in your credit card basically creates a one-time-use payment code, also called a cryptogram, each time you dip your card in a card reader. That way, if your card information were to be stolen, thieves wouldn’t be able to use it to create a fraudulent card.
I should note that the birthday we’re celebrating is not for the invention of this technology. EMV is more than 20 years old and has been implemented in most European countries for over a decade. We’re marking the one-year anniversary in the U.S. of the rather ominous-sounding “liability shift,” meaning the liability for counterfeit fraud has moved from the bank to whichever party failed to upgrade to EMV, whether it’s the bank or the merchant. This has pressured banks to issue chipped cards and merchants to upgrade their payment terminals to be chip-ready.
For instance, in my experience with Chase, if there had been a chip in my card, in addition to the traditional magstripe, and Saks hadn’t been able to accept EMV, the retailer would have been on the hook for the $2,600 fraudulent purchase instead of Chase.
How’s it going?
If you’ve heard the grumbling yourself — particularly on social media — you know that most of the complaints about EMV fall into two camps: One set highlights the annoyance of not knowing whether to swipe or dip, which arises when the point-of-sale device has a disabled EMV slot. The other set of complaints focuses on the slower processing time.
Here are a few gems:
“Can you put your card in the chip reader please” ya hold on let me cancel my plans for the rest of the day
— Christian Delgrosso (@christiand) July 24, 2016
The #Chipcard has vastly improved my customer experience. It includes my 3 fave hobbies: waiting, staring and then swiping it anyway.
— Jon Gamble (@JustJonnyG) July 30, 2016
In the countless transactions I’ve now used my chip card, I’ve literally NOT ONCE made the correct 50/50 guess whether to swipe or insert it
— Marnie Shure (@marnieshure) July 26, 2016
But the dissatisfaction over the switch to EMV appears to be overblown. According to the NerdWallet survey, nearly four in five respondents have positive feelings about chip cards, and almost half say that consumers benefit from the technology.
Still, the conversion is taking time. MasterCard says 88% of its credit cards are chip-ready, but only 33% of all payment terminals in the U.S. are ready to accept chip payment. According to Visa, 84% of the merchants that haven’t upgraded are working on the switch. Based on adoption rates in other countries, Visa expects 90% merchant acceptance in the U.S. in four to five years.
So if we’re making progress, why are there so many complaints? I think the root problem is pretty simple: We’re not used to technology slowing things down. Instant messaging, Uber and email all came with immediate speed benefits. EMV, while technologically superior, is so far running against that norm.
“This is the biggest thing that has happened in terms of consumer experience at point of sale since the past 25 to 30 years, in a scale this big,” says Chiro Aikat, senior vice president for product delivery at MasterCard. “Change is neither good or bad; it’s change.”
When we think about the immediate future of payments, there’s good news.
First, EMV is likely to improve. As more merchants switch to the technology, we can expect a more consistent experience across stores.
Second, efforts are underway to improve processing speed. Take Visa’s new Quick Chip technology — basically a “much more efficient form of EMV,” according to Stephanie Ericksen, vice president of risk and authentication products at Visa. This technology works entirely on the back end, meaning we don’t have to worry about facing yet another round of new chip cards or terminals. Quick Chip allows consumers to insert their card at any time while the cashier is still bagging. It generates the cryptogram faster and allows the card to be removed in about two seconds or less, she says.
“It feels much more like a magstripe experience,” Ericksen says.
We can expect Quick Chip — and MasterCard’s equivalent M/Chip Fast — to be rolled out over the next couple of years. Ericksen says the technologies are much easier for stores and their card issuers to implement than the EMV standard and don’t require new hardware.
(Note: Some readers have asked me why U.S. transactions remain slower than those in Europe. Many European card transactions are processed “offline” — meaning the point-of-sale device is not connected to the internet, and the chip in the card is able to approve the transaction without needing to communicate with the processor or consumer bank. In the U.S., we tend to have “online” transactions — each one is approved by the consumer bank, which requires more time. The technology behind Quick Chip and M/Chip Fast essentially mimics an offline transaction.)
Third, we can expect to see more tap-and-pay, or “contactless,” payment options — based on near-field communication (NFC) technology — in the near future.
“None of the point-of-sale manufacturers are shipping terminals that aren’t already ready for a contactless transaction,” says Jack Jania, senior vice president of strategic alliances at the chipmaker Gemalto.
This expected ubiquity of contactless options will enable wider use of mobile payments and will also facilitate more contactless card payments, which have just barely been introduced in the U.S.
But payment evolution may also happen beyond improvements in card-based technologies. Perhaps stores may experiment with their own payment experiences in apps, focused on convenience or loyalty. Starbucks, for instance, has struck gold with its app, which deftly combines loyalty and payment options, and I expect more merchants to try to match this experience. Retailers may also try to match the ease of Uber’s checkout, which happens silently and instantly when the customer steps out of the car.
One change that doesn’t appear to be on the immediate horizon for the U.S.? Chip-and-PIN credit cards, such as the ones in Europe, which require a PIN instead of a signature. Why? Blame it on cost and habit.
Switching to PIN acceptance for credit cards is estimated to cost issuers more than $2.6 billion to implement while saving them only $850 million over five years in fraud prevention. And it’s unclear whether cardholders are ready to tackle chips and PINs simultaneously. As fraud analyst Julie Conroy with the Aite Group noted, quoting a card issuer: “We don’t really think we can teach Americans to do two things at once. So we’re going to start with teaching them how to dip, and if we have another watershed event like the Target breach [in 2013] and consumers start clamoring for PIN, then we’ll adjust.”
Bottom line for EMV
All in all, I think this is a happy birthday for EMV. Yes, it’s caused some disruption and made us lose some sleep, but we’re better for it. Counterfeit fraud has dropped 54% at merchants that have made the switch or are close to completing it, according to the latest data from MasterCard, so something apparently is working.
Progress is still slow and clunky, but there’s a bright future, considering how the EMV upgrade is setting the stage for more technologies to flourish.
So happy birthday, EMV. Almost no one wanted you, but we’re glad you’re here.