Gartner Blog Network


EMV rolls out with lots of tension between retailers and card issuers

by Avivah Litan  |  September 30, 2015  |  4 Comments

Tomorrow marks the first day liability on card-present transactions will shift to retailers by default if they don’t accept a chip card that is presented to them at the point of sale.

It’s like a cold splash of water – the day has finally arrived.

Retailers have many decisions to make about how to cope with this liability shift, as more consumers come to their locations with chip cards. Over time retailers will gain value with the added security of EMV chip cards. When 80% or more of their transaction volume is EMV-based, criminals won’t be as incented to break into their stores to steal data that will be useless to them in counterfeit fraud. But given EMV adoption rates in other parts of the world, that won’t happen in the U.S. for at least 2-3 years.

In the meantime, here are the problems retailers face

a) Retailers want Chip and PIN. They rightfully argue it’s more secure with a PIN, and that’s been proven with magstripe transactions where PIN reduces fraud by 70% or more.

Banks argue consumers can’t remember PINs on credit cards – that’s an empty argument and one that has been proven wrong in other countries, such as Canada.

Retailers will be stuck storing signatures now on EMV transactions, an added cost to their operation. Retailers tell me that processors won’t store those signatures anymore because of the liability implications.

b) Each individual retailer needs to be certified for EMV acceptance. Currently there’s a wait of six months just to get started with the EMV certification process and then that process takes 9 to 12 months, retailers tell me.

Of course, that probably means that retailers need to accept liability on fraudulent card present transactions even if their certification is stuck in a queue.

c) Upgrading existing POS equipment for EMV acceptance can cost a retailer $150 to $500 a station, depending on the features they acquire in the equipment.

Many retailers, especially in the restaurant business, are questioning if they should simply upgrade their existing configuration or reconfigure the way they accept payments to provide a better customer experience. For example, restaurant managers are interested in ‘pay at the table’ payment devices (like those used in Europe) and prefer investing in those rather than upgrading existing stations.

Similarly, many retailers are interested in deploying mobile point of sale acceptance devices where staff can walk around a store floor, help customers, and take payments quickly and as needed. We see this today at some shoe stores, for example.

d) What about security? EMV certainly helps stop counterfeit fraud. But until they are prevalent, the breaches of magstripe data will continue. So retailers and other card acceptors are investing in securing their payment acceptance environment and are more interested for example in implementing point to point encryption technology than turning on EMV acceptance. The former helps stop the breaches. The latter helps stop counterfeit fraud which card issuing banks have traditionally been responsible for. What’s this mean to the bottom line? More money required due to double costs to retailers.

e) Longer checkout times – we blogged about this before. But I had it wrong. Earlier this week I heard from many retailers at a session I was participating in that EMV chip card checkouts have been taking a full 20 seconds to process. That is 19.5 seconds too long for consumers and retailers. The only solution I can see here is moving to mobile payments that take milliseconds for consumers. (I may just have to buy a new smartphone).

f) Back end not ready – many processors are scrambling to get EMV certified and EMV processes in place. Same with terminal manufacturers. There are a lot of moving parts that need to be certified and working together for this transition to be smooth. Consumers probably won’t noticed but there is and will be plenty of confusion at the back end systems. This will make it cumbersome for retailers to accept EMV transactions in a smooth and secure manner. More headaches for the retailers.

I know I sound like I think the retailers are getting hit with an unfair share of the costs and burden in moving to EMV. Well I do. They are clearly the underdogs in the equation. Always have been and always will be — until a new type of payment system rolls around that is widely adopted enough to level a very uneven playing field. Don’t hold your breath waiting for one.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: 

Avivah Litan
VP Distinguished Analyst
19 years at Gartner
34 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Ms. Litan's areas of expertise include endpoint security, security analytics for cybersecurity and fraud, user and entity behavioral analytics, and insider threat detection. Read Full Bio


Thoughts on EMV rolls out with lots of tension between retailers and card issuers


  1. […] in Ms. Litan’s Gartner blog “Problems with EMV: Slower Check Outs and More Fraud” and “EMV Rolls Out With Lots of Tension Between Retailers and Card Issuers”. Gartner clients can read more in the report “Innovation Insight for EMV Adoption in the […]

  2. Hey There. I found your blog using msn. This is a very well written article. I’ll be sure to bookmark it and come back to read more of your useful info. Thanks for the post. I will certainly return.

  3. […] will now require use of a PIN, but credit cards will still have to be signed for. Retailers were reportedly keen on requiring PINs on both card types (see above), whereas card issuers were concerned about […]



Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.