Why Your Small Business Needs to Upgrade Its Credit Card Terminals to Comply with EMV
On October 1, the new rules requiring merchants to comply with EMV and accept chip-enabled credit cards, or face liability for fraudulent charges made at their business went into effect. As most consumers have received — or will receive shortly — new credit cards that contain chips designed to better secure their account and personal informational during transaction, it’s only understandable that they will expect to be able to use the cards when making purchases at in-store terminals.
According to a survey by Wells Fargo released in August, only about 50 percent of small businesses were ready for the deadline, and those who were not were either unaware of the new requirements, planned to upgrade after October 1, or had no plans to upgrade their credit card terminals at all. The most commonly cited reason for a reluctance to upgrade was a concern over the costs of an upgrade, followed closely about a lack of concern about the increased liability for fraud. For the typical small retailer, the cost of fraud is much lower than that of a major retailer like Target, who paid out more than $67 billion after the major data leak in 2013.
That being said, small businesses should still upgrade their credit card readers to accept chip-enabled cards.
Again, the typical small business is probably not going to face billions of dollars in charges due to fraudulent transactions. However, statistics reveal that as many as 7 percent of all credit card transactions are fraudulent, costing small businesses as a whole billions every year. By not upgrading to EMV-reader equipped credit card terminals, you’re accepting responsibility for those transactions.
Customers who spot fraud on their accounts will still report the crime to the bank as always, but instead of the bank reimbursing the customer, you will be on the hook to reimburse the bank. This isn’t the case if you can accept chipped cards. If you estimate even a conservative 5 percent of your transactions are fraudulent, this can result in thousands of dollars lost — and a major hit to your bottom line.
Most people who carry major credit cards are beginning to receive new, chip-enabled cards from their card issuers. While not everyone has a full understanding of how the new cards work, many banks are putting a great deal of time and money into educating customers and encouraging them to use the chipped cards to protect their identities and their finances. Many customers, hurt by the major data breaches in the past, will be actively looking for those merchants who can accept the more secure cards, and are likely to choose those who do over those who don’t. Failing to upgrade your card readers could result in a loss of business.
Increased Chance of Hacking
There is some speculation that the credit card reader deadline is actually going to lead to an increase in hacking incidents, especially as criminals determine which businesses have the enhanced card readers and which don’t. Criminals will be watching for businesses that do not accept chipped-cards and are likely attack those businesses. That’s not to say that all business who do not upgrade their readers will be the victim of a data breach, but the likelihood of becoming a target increases, putting more pressure on your other security measures.
Upgrading Your Readers
By some estimates, each new credit card reader will cost businesses $450 to $1,000. However, many credit card processing companies are offering less expensive solutions, especially those companies that are requiring clients to upgrade. Since most small businesses have only a few card readers (and the majority only have one), the cost of the upgrade is considerably less than for a major retailer.
There is a learning curve associated with the new cards that both customers and merchants need to get comfortable with. To use the new cards, customers must insert the card into the reader and wait for an alert (usually a beep or tone). When the alert sounds, the customer will be prompted to enter the secure PIN, which will convert the details of the transaction into a one-time use code that is transmitted to the processor. If a customer tries to swipe a chip-enabled card in a machine equipped to read chips, he or she will be prompted to try again using the chip reader. These extra steps and alerts will help keep information safe, but will also, at least initially, increase the time it takes to make a transaction.
However, despite the drawbacks associated with implementing a new system, the overall effect should be a decrease in fraudulent transactions and significant losses due to data breaches. Business owners should understand their role in data protection, and do everything possible to protect their business and their customers.