The threat of assuming fraud losses carries some weight with merchants, but not as much as some might think. Converting many of these merchants to EMV will be a struggle.
Independent sales organizations, acquirers, and processors of all sizes are about to embark on a massive education campaign designed to get EMV-compatible point-of-sale terminals installed at millions of merchant locations by this fall. It won’t be easy and it won’t stop, even after the Oct. 1 liability shift arrives.
It’s a daunting task, considering that the estimated number of U.S. merchants that accept credit and debit cards is more than 8 million. But that doesn’t mean merchant-services companies are going to ease up in their efforts to get as many as they can ready by deadline day.
What will it take to get them ready? Educating merchants, easing certification backlogs, and overcoming business concerns will be central, observers say.
‘Really Aggressive Campaigns’
It will take a lot of education, says Craig Ludwig, head of product for the merchant-services segment of Total System Services Inc. (TSYS), a Columbus, Ga.-based payment processor.
“Over the next two months, we’ll start to see really aggressive campaigns from the [card networks],” Ludwig says, but this will be aided by marketing efforts from other entities downstream from the networks.
“There are some organizations that are being very aggressive about their marketing and education campaigns,” he says. “They’re selling on the premise that [EMV] is more secure, and they’re enabling those devices with encryption and contactless payments.”
Indeed, some ISOs have found success selling EMV terminals by touting the devices’ ability to accept contactless payments via near-field communication (NFC) technology. Merchants want to adopt mobile-payment technology, Ludwig says, much of which depends on NFC.
They know consumers wielding iPhones want to use Apple Pay, and many more will have access to a revamped Google Wallet that will be part of Android phones. And some have their eyes on the upcoming Samsung Pay, which will first attempt to make a transaction using NFC before falling back on a magnetic-stripe radio field.
‘A Work in Progress’
At Newtek Business Services Inc., a provider of payment processing, loans, and other services for small businesses, Barry Sloane, president and chief executive, has his sales staff pushing EMV to clients. New York City-based Newtek has used a variety of tactics, including statement messaging, bringing up the subject when a client calls, and discussing it in an email campaign that offered discount terminals.
But the threat of assuming liability for counterfeit fraud, while not trivial, may not faze merchants as much as EMV planners might think. “When you think about small-business owners, they think about three things,” Sloane says. “They think about their revenues. They think about expenses. And they think about their risk. Risk is a far-distant third.”
Also, some merchants that have done the math have concluded assuming that risk is cheaper than installing EMV technology in their stores.
Still, Sloane forecasts that by October, 80% of Newtek’s 15,000 merchants will be EMV-compliant, up from about 50% in March.
“The October date will be challenging for everyone,” says Reggie Kimble, director of business development for NCR Silver, a tablet-based POS service from NCR Corp. “From a readiness perspective, it’s a work in progress.”
‘A Lot of Moving Parts’
Part of the progress is certifying scores of EMV terminals to ensure they work with networks and on the multitude of processor platforms. EMV terminals must be certified to specific processors, Kimble says.
“There are a lot of moving parts in the certification process that take about four to six months on average [for approval],” he says. “Because of the need for so many of them and so many processors and point-of-sale solutions, the need to integrate them all creates a need for a lot of certifications.”
Certification is complicated not just because there are three types, but also because one of them requires testing outside of a lab.
Level 1 certification covers how the hardware interacts with the card, says Stuart Taylor, vice president of payment solutions at Scottsdale, Ariz.-based Equinox Payments LLC, a POS terminal maker. The second type tests the application software on terminals. Each of these certifications is typically done in a lab, which is rented to vendors needing the certifications.
The third type of certification is more involved. It’s mostly reserved for larger merchants that may handle their own switching. That necessitates testing outside of the lab, Taylor says. “That environment can get quite complex,” he says.
‘The Consumer Experience’
Even if a merchant has ready access to EMV-certified POS terminals and understands the benefit of accepting EMV transactions, that may not be enough to overcome other business concerns.
Small and mid-size businesses may want to hold off on converting their devices because, they contend, their fraud rates are manageable. But a larger merchant, especially one that sells highly sought-after consumer electronics, may be more willing to make the migration, says Erik Vlugt, vice president of global products at San Jose, Calif.-based VeriFone Systems Inc., a POS terminal maker.
“It’s about the consumer experience,” Vlugt says.
For example, a small merchant, when asked by a consumer why the merchant doesn’t accept chip cards like the supermarket across the street does, may be persuaded to adopt the technology, he says. That perception will not necessarily come by Oct. 1, “but over time people will start taking notice they’re not using chip cards at certain merchants,” he says.
Other business needs may push EMV migration farther down the priority list for some merchants. One merchant, says Taylor, just completed some acquisitions and has chosen to focus on consolidation, with plans to work on the EMV migration in 2016.
A large retailer, with more than 4,000 stores, is putting encryption ahead of EMV. “They believe the liability shift is less of a concern to them than the [negative] brand recognition that comes from a data breach,” Taylor says.
Of course, part of a successful sales pitch may be to focus, not on EMV, but on new capabilities, such as contactless payments, that are built into most EMV terminals. The combination of EMV and contactless may be enough to persuade many merchants to update their terminals.
Though it may not matter much to many merchants, the number-one motivator continues to be the liability shift. “Without the liability shift, I’m not sure there would be much incentive,” Ludwig says.
—Kevin Woodward