- Joe Raedle/Getty
On October 1, 2015, the US started migrating to a more secure form of payment known as EMV.
It’s the reason you’ve been “dipping” your credit card into a terminal slot at some stores. Rather than reading the magnetic strip on the back of your card, payment processing systems now read a microchip on the front of your card, which aims to improve security and reduce fraud.
As you may have noticed, not all stores are accepting the chip cards – and you might not even have a new card yet.
Where exactly are we six months after the initial EMV rollout? Read on to find out.
The transition is just as uncomfortable as we imagined it would be
Dipping your credit card isn’t necessarily difficult, but it’s different – and it tends to take longer.
We’re completely altering the way we’ve been paying for years, and US shoppers are openly annoyed with the longer transactions.
“I feel weird standing there forever waiting for the transaction to authorize,” consumer Carolyn Branson told CreditCards.com. “I resent using the chip. It makes lines longer and makes me switch to cash about 40% of the time.”
Of course, a few extra seconds is a small price to pay if it means increased security. Consumer Lisa Ladonski told Credit.com, “The only problem I’ve had is that it takes a little longer for my card to be read. To be honest though, if it means my account is safer, I’m fine with that.”
The poor customer experience may also create a push towards mobile payments. As BI Intelligence’s Jaime Toplin noted in the US EMV Migration Report (available to BI Intelligence subscribers), “Systems like Apple Pay, Android Pay, and Samsung Pay are just as secure as EMV cards, but allow customers to avoid some of the hassles associated with the inconsistent migration, like confusing payment experiences and longer transaction times.”
Not everyone has an EMV chip card yet
This difficulty is in part because the chip cards aren’t universal. According to a CreditCards.com report, about 70% of US credit card holders now have an EMV chip card.
In October, roughly 120 million EMV chip cards had been issued in the US – today, that number is at an estimated 1.2 billion.
The new cards still have the magstripe on them, to accommodate merchants without the new payment processing technology.
- BI Intelligence
Not all stores can accept EMV chip cards
Even if you’re among the 70% with a new chip card, chances are, you still can’t use it everywhere.
“According to the industry group EMV Migration Forum, there are roughly 5 million EMV-ready terminals at US stores right now, but only 1 million have started accepting chips,” Credit.com reports. “In other words, when you see a chip reader, odds are four out of five that you won’t be able to use it.”
This doesn’t mean merchants don’t have the new technology installed. But in addition to buying and installing a new payment terminal, merchants have to undergo a certification process before they can turn the terminals on.
“Each part of a transaction must be certified, including the payment hardware and each payment network, like Visa or MasterCard, that merchants accept,” Rachel Abrams of the New York Times reports. “The whole process, even when it goes smoothly, can take weeks or months.”
- Joe Raedle/Getty Images
Consumers are most vulnerable to fraud during this transition phase
It’s important to remember that the EMV shift does not automatically eliminate fraud – any time you use the magstripe and swipe your card, your credit card information can still be stolen.
In fact, fraud will likely escalate before it gets better. Fraudsters will try to steal as much money as possible from the credit card system before higher EMV adoption rates block them out entirely.
As NerdWallet’s credit card expert Sean McQuay tells Business Insider: “Until the entire United States market switches over to EMV acceptance, that means we have this security gap – we have this vulnerability and we’ve kind of created an incentive for the fraudsters to get it while the getting is good. Until we entirely get rid of the magstripe system we’re going to see a lot of attention from fraudsters on magstripe cards.”
Consumers are particularly vulnerable at gas pumps and ATMs, as banks and gas stations aren’t required to switch to EMV technology until October 2017. They were given a two-year extension because it’s much more expensive upgrading gas pumps and ATMs than normal in-store terminals, McQuay explains.
According to NBC News, there has already been a spike in credit card skimming at some ATMs and gas pumps.
- Flickr / wonderlane
Merchants are starting to feel the costs of fraud
Before October 1, if you fell victim to credit-card fraud, your issuing bank would pick up the tab and insure you.
Now, the responsibility is on the merchants – if they’re still using the old “swipe and sign” system and don’t accept a chip-enabled card. If the merchant accepts EMV cards, the issuing bank will insure you like it used to.
Retailers are frustrated, because even if they’ve already bought the new equipment, they can’t necessarily use it until they’re certified. “The cost of waiting, retailers say, is piling up,” Abrams writes. “Until recently, banks covered much of the cost of fraudulent purchases. Since October 1, though, merchants that cannot accept chip cards have had to shoulder the cost of fraud, and banks have not been shy about passing along the bill.”
Avi Kaner, co-owner of the Morton Williams supermarket chain, tells the Times that the certification delay has already cost him thousands of dollars in covering fraudulent transactions.
- Matt Cardy/Getty
EMV technology does nothing to combat fraud online
“The other kind of fraud that we need to keep an eye out for is online fraud,” McQuay explains.
The new technology only affects in-store purchases – the procedure for paying online is the same, meaning that you’re just as vulnerable to the same security risks, and perhaps more so.
As Toplin wrote, “In 2014, the US generated almost half of the world’s total card fraud despite only comprising one-quarter of transactions. That’s because the US had the least secure payment card ecosystem. Once EMV is fully adopted in the US, fraud will move yet again, this time to online and mobile channels. In 2014, only 42% of fraud came from digital channels. In 2015, that number grew to 55%, and it’s continuing to expand.”
Until credit-card security makes more significant strides, it’s important to keep in mind best practices when using your card, such as monitoring your transactions for fraudulent activity and being mindful of where you’re making purchases.