Credit card companies are changing the way your clients use credit cards and the way you process them. Are you ready?
When it comes to paying by credit card, the U.S. is approaching a sea change. Banks and credit card companies are doing away with the familiar "swipe and sign" credit card processing, and switching to microchip technology. Over the last 15 years, more than 80 countries have made the switch from the traditional magnetic stripe cards to microchip, or EMV (Europay, MasterCard, Visa), cards. The primary reason for adopting this new technology is the tremendous cost of credit card fraud.
As payment security measures increased in other parts of the world, credit card fraudsters set their sights on the U.S. From 2010 to 2014, the Secret Service cybercrime investigations team arrested more than 4,900 suspects associated with $1.37 billion in fraud losses. But for years, major US banks considered the cost of fraudulent transactions less burdensome than implementing similar security measures, citing the cost of issuing new cards, new processing software and new pin pads. It took the security breaches at Target, Home Depot and Neiman Marcus in 2013 to bring this topic into the mainstream of public discussion. As Americans became more informed about identity theft and credit card fraud, they demanded higher levels of security for their personal information.
There is a fundamental difference between a magnetic stripe and an EMV chip transaction. Magnetic stripes contain static payment information about the cardholder. These data are relatively easy for a motivated thief to "skim" and then use to create a new, cloned card. In contrast, EMV cards contain tiny, dynamic computer chips that "talk" back and forth with the payments terminal to verify that the card is legit. While they aren't impossible to hack, these cards are much more secure than magnetic stripe cards.
The liability shift
Contrary to popular belief, there is no mandate that a business must switch to the new EMV readers. You can still run a transaction with a swipe and a signature. There is, however, an incentive to switching. The liability shift for fraudulent transactions begins October 1, 2015. The "shift" refers to the shift in liability from the card issuer (Bank of America, Chase, etc.) to the merchant. In other words, if you continue to use the old system, the liability for magnetic stripe credit card fraud will shift from the bank to you. Here's how it works. If you have an EMV-enabled reader and your client has a chip card, banks will be liable for any fraudulent transactions. In addition, if you have a new terminal, but the bank hasn't issued a chip and PIN card to the pet owner, the bank again is liable. However, if you are not using new readers, the liability for fraudulent transactions lies with you. Under no circumstance is the cardholder responsible for transactions on skimmed cards.
Unless you upgraded very recently, you will need to get a new card reader to process EMV-enabled transactions. What do new readers cost? It depends. Some processors will provide free basic readers, while others charge as much as $400 for multi-featured Wi-Fi terminals. Before you switch, talk with your practice management software vendor regarding which providers they recommend. Now is also an excellent time to re-evaluate what you are paying for credit card processing, and build the cost of new terminals into your negotiations. Ultimately, however, the concern is less about the price of the readers and more about the potential cost of not switching.
Help your clients adapt
As a Summit staff member learned in a Paris subway station, chip cards take a little getting used to. Americans are accustomed to swiping their cards quickly. With the chip system, the card is inserted into the card reader and must remain there until the transaction is complete. The technique is frequently called the "chip and dip" process, a play on words that brings to mind any number of creative ad campaigns.
Because the card must remain in the terminal, it will be easy at first for clients to forget the card and possibly leave your practice without it. Train your staff to be mindful of this and to remind clients to take their cards.
As with any major change, the switch to EMV cards won't happen overnight. The Payment Security Taskforce expects 575,000 credit cards in the U.S will be converted to chip by the end of 2015. For now, the cards will have both a magnetic stripe and an embedded chip. While EMV cards will significantly improve the security of face-to-face transactions, they don't offer protection against e-commence fraud. Other technologies are emerging to combat online and mobile payment fraud. More changes are on the way for managing contactless or touch-free payments such as Apple Pay, via "smart" devices. Summit will keep you updated as these new technologies make their way into your practice.