Blog | August 18, 2015

Visa Reports On Slow EMV Adoption: Where Do We Go From Here?

By The Business Solutions Network

EMV Liability Shift

This morning I received an email from BridgePay Network Solutions in regard to the Visa Payment Technology Provider Forum held last week at Visa Headquarters in San Francisco. The email includes some interesting stats and information that was shared at the Forum concerning the upcoming Oct. EMV liability shift. If you do any work in the retail and restaurant verticals, this information is very relevant.

As of July:

  • 117 million EMV cards have been issued (28% of total cards)
  • 78 million of which are credit and 39 million are debit
  • 250,000 merchants have been EMV enabled (this represents about 5% of the U.S. merchant base)
  • A few hundred terminals supporting EMV PIN debit have been enabled

“The recurring theme at the Forum was that issuers are rapidly putting out more EMV cards while the U.S. merchant base is struggling to become EMV ready,” reports BridgePay. “The reason is simple — the processors have been very late in putting out EMV specs and getting ready for EMV testing. The processors have focused first on their large retailers and their stand-alone terminal merchants.  The POS integrated solution, which is much more prevalent in the U.S. than any other country, is slow to convert to EMV. The processors were just not able to handle all of the necessary testing in a quick enough time frame.

In addition to that overview, BridgePay included some other highlights/messages delivered at the Forum:

  • "2016 is the year of the POS integration. 2015 will not happen for many integrators, and many others suggested it will lag into 2017. 
  • "Nothing really happened in Australia and Canada when the liability shift took place.  Australia and Canada have recently added EMV and no disaster occurred when the liability shift went into place in those countries.  We can expect the same in this country. October will come and go without much fanfare.
  • "The bad guys will continue to target high ticket items, including electronics and jewelry, and those stores selling open acceptance gift cards. Credit card thieves will not go away and they will continue to search for weak links
  • "Encryption can be more powerful than EMV for preventing fraud and theft. Two interesting facts support this. Most of the world did not have encryption in place prior to EMV so EMV was sort of the first real attempt to counter fraud and theft in most places. The large breaches that have occurred in the U.S. in recent years (e.g. Target, Home Depot, Neiman Marcus) were all cases where the merchants did not have encryption in place. Visa highly recommends the triple play in fighting fraud and theft: EMV, encryption, and tokenization.”

Here’s what I take from this. Just because EMV adoption has been slow for many reasons, don’t discount the event as something that can’t make you money. The reality is, your customers will eventually need a payments security upgrade to EMV. Once October passes, don’t forget about EMV. Continue to ask your software, hardware, and payment vendors when an EMV solution will be ready for you to sell.

Also, I love reading Visa’s stance on encryption and the power of combining it with EMV and tokenization. We recently posted a pretty thorough white paper on the triple-play topic (“The Holy Trinity Of Payment Security”) and it’s clear that if you’re an ISV, using EMV, tokenization, and P2PE is the most effective route to ensure payment security. With this combination, it seems like we have a real solution to stop criminals and let retailers move on to IT investments that can increase sales and improve customer satisfaction.