Were you one of the 110 million Target customers whose credit or debit card was compromised over the holidays? No?
You only shop at high-end stores where this kind of thing would never happen. That is except for the 1.1 million Neiman Marcus customers who suffered a similar fate.
Changes are blowing through the U.S. credit and debit card industries with the intent of plugging the holes in this leaky dyke. These efforts could affect how you handle card payments at your dental practice.
U.S. credit and debit card issuers are going the way of their European and Asian counterparts and embedding a computer chip into the plastic. In the UK these are called chip and pin cards.
The credit card industry refers to it as EMV (Europay, Mastercard and Visa). The chip provides more sophistication and security than presently provided through the magnetic stripe.
Credit and debit card authorization goes through a 3-step process at the point of sale (POS).
1. Card Verification – card details are read and authenticated by the POS device. Currently this happens by the reading of the magnetic stripe.
2. Card Holder Verification – this is done through the verification of the signature provided by the card holder with the signature on the back of the card or perhaps with the merchant asking to see a picture ID.
3. Transaction Verification – this is an electronic exchange between the POS device and the card issuing bank. Has the credit limit been reached? Has the card been reported stolen?
The addition of the embedded chip in the card strengthens the first step and the addition of the pin entry strengthens step 2. With the embedded chip the card is nearly impossible to duplicate, even if you know the card holder’s account number.
It looks like the U.S. will adopt the chip but not the pin entry and continue to rely on the signature verification to validate the card holder in step 2.
How might this affect your dental practice?
It will require a new POS device replacing your present credit card terminal or card swipe mechanism. Of course the new device will be more sophisticated and more expensive.
Chip cards will also contain a magnetic stripe so as to be backward compatible with older POS machines. So, you may say, “I’ll just stay with my old credit card terminal and avoid the extra costs.” This comes with a risk and it is called “liability shift”.
The credit card industry (Visa, MasterCard, Discover, American Express) could transfer liability for certain types of fraudulent transactions to the party who is not supporting the embedded chip technology. If the issuing bank is not using the chipped card, they would be liable.
If the merchant is not using a chip enabled POS device, they would be liable. This liability shift is scheduled to take place in October of 2015.
Here are links to announcements from each of the major credit card organizations concerning the adoption of chip cards and liability shift.
Visa
MasterCard
Discover
American Express
Change to how we handle electronic payments is in our future.
Will it prevent credit card fraud?
No, but it will make it much more difficult for the criminal.
Next year you will need to determine if your risk in not adopting the new chip POS equipment might be less than your exposure to the liability shift.
Chipped cards will be a right click for consumers and a new consideration for business owners.
.