Embed Size (px)
Citation preview
EMV Technology: Is your portfolio ready?
This presentation is brought to you by:
EMV is a fraud-reducing technology that can help protect your business against losses from the use of counterfeit and lost or stolen credit cards.
Updated EMV equipment will also allow the business owner to process NFC (Near Field Communication) or contactless credit cards. This includes Apple Pay, Google Wallet and other mobile wallet payments.
The EMV implementation will go into full effect on October 1, 2015 when the liability shift takes place. The transition to full implementation will be a gradual process.
What is EMV?
EMV bankcards are embedded with a microprocessor, or smart chip, that interacts with the merchant’s point-of-sale device to make sure that the payment card is valid.
Cardholder data is stored in this smart chip, rather than a magnetic stripe. The smart chip technology adds layers of security, as a result of dynamic data.
EMV bankcard technology uses a computer and software with 100’s of built-in security features. The contacts on the surface of the device are connected to wires running from a computer chip under the surface.
How does EMV work?
The EMV infrastructure supports both
EMV contactless payments: simply tap or waive the card or mobile wallet and pay securely.
NFC Mobile Payments: provides secure mobile payments and increased loyalty & marketing options for issuers. (NFC = Near Field Communication)
Merchants can install dual contact/contactless POS terminals that accept contact EMV, contactless EMV & NFC Mobile Payments.
Why has there been an EMV Delay in the US?
The migration to EMV technology in the US has been slowed down significantly as the result of:
Infrastructure: Lack of EMV equipment in ATM machines, as well as merchant processing solutions.
Issuers: Card Issuers have a much higher cost to issue an EMV or “Chip” card versus issuing a traditional magnetic stripe card.
October 1, 2015 Liability Shift
As of October 1, 2015, merchants will no longer be responsible for lost or counterfeit and lost or stolen credit cards at the point-of-sale, only if they update to an EMV capable terminal.
The liability shift encourages chip transactions because any chip-on-chip transaction provides dynamic authentication data, which helps to better protect all parties.
According to Visa, with this liability shift, the party that, due to their lack of chip technology, is the cause of a contact EMV chip transaction not occurring, will be held financially liable for any resulting card present counterfeit fraud losses after October 1, 2015.
EMV Forecast for USA Mobile and Near-Field-Communications transactions will top
$1 billion in 2014, and are projected to reach $58 billion by 2017
The US is set to transition more than 1.2 billion payment cards and 8 million point-of-sale terminals to become EMV-ready by the end of 2015
It is projected that 166 million EMV credit cards will be in circulation in the US by the end of 2015.
The forecast predicts that large and medium-sized retailers will transition to EMV-ready solutions first, with small and micro-sized merchants taking longer to make the adaptations
BASYS EMV Strategies
Deployment of EMV Capable Terminals: BASYS deploys only EMV capable credit card terminals for new purchases, educating each new merchant on options regarding their existing reprogrammable equipment.
Marketing campaigns, statements messages, personalized phone calls & EMV introductory letters are available to inform and educate the merchants on EMV.
Merchants do not have to purchase a new terminal, however BASYS highly recommends that card-present merchants consider updating their processing solution to be EMV capable by 10/1/2015.
NOW: Achieve PCI Compliance!
EMV will not replace the PCI requirements and will always be a great risk assessment tool.
.
.
.
How Can Businesses Best Prepare?
2014: Breach Insurance, Encryption and Tokenization
2015: Update to EMV capable equipment.
NOW
Ongoing
2015
What are Encryption and Tokenization?
Encryption refers to the process of masking the credit card data while it is in motion. This can be during the communication process from point-of-sale to the issuing bank to obtain an authorization, for example.
Tokenization refers to the process of exchanging all the credit card data for randomized symbols and creating a “token” instead. Tokenization refers to payment data that is at rest.
EMV: Protect your data against card counterfeiting and card losses.
Multi-Layered Solutions:
Today’s advanced technology
increases the threat for data breaches. Focusing on only
one or two of these points of entry can
still leave the merchant
vulnerable.
2
1
How do EMV and Data Security Relate?
Encryption: Protects your credit card data while in transit during communication mode
Tokenization: Protect your data at rest. (e.g. Protect data while being stored in a secure database)
3
What is PCI Compliance?
PCI Compliance refers to the responsibility of the business owner to ensure that they are accepting and storing debit or credit card data in the most secure environment.
The PCI Compliance process can help you uncover vulnerabilities or areas of concern and can help prevent data breaches. PCI Compliance will still apply after the US EMV Adoption.
The Cost and Risk of Non-Compliance
The average cost to recuperate from a credit card data breach runs at $215 per compromised card number!
43% of merchants do not think that PCI should apply to their business because the threat level is so small, yet attacks are on the rise against small to medium-sized merchants.
Recent surveys suggest that over 70% of small businesses that are subject to a data breach don’t recover!
BASYS offers $100,000 Breach Insurance Coverage
BASYS PCI Strategies
BASYS takes a proactive approach to PCI
A Dedicated PCI Specialist to manage your bank’s portfolio
Upon boarding, merchants are contacted within the first 30 days
Quarterly scans to detect internet vulnerabilities
Non-compliance reports available to manage your non-compliant merchants
THANK YOU
