What do you attribute to the slow adoption of EMV in United States?
At first, it was a matter of perception. I think many companies thought EMV wasn’t going to happen in the U.S. and as such, businesses focused their energies on other security solutions such as P2PE. When the liability shift dates were set for October 2015 and there were more high profile data breaches (e.g. Target and Home Depot) with no viable alternatives to EMV, the payments industry finally realized EMV was not going away.
As such, many companies were ill prepared to ramp up their secure payments solutions with EMV, especially as EMV is complex and not simply a matter of adding an EMV enabled PINpad to their infrastructure. The complexity of an EMV Migration throws many companies off guard. There is a whole software ecosystem that needs to be created in addition to securing complicated brand and processor certifications. Many processors are also coming to terms with the complexity of brand certifications that no longer take a few days to certify, as in the days of magnetic stripe, but now take months with EMV chip cards.
How do you see EMV evolving over the years to fit the needs of the ever changing security needs of the payments industry?
EMV has already evolved extensively over the last 10 years – adapting to new security breaches and a continuously evolving threat landscape – as well as secure payment methodologies, such as P2PE and tokenization (the trio, being the proverbial “Holy Grail” of any secure payment transaction). With Apple Pay raising awareness and discussions around mobile payment strategies among all players in the payments industry, I think the standard will evolve to embrace the latest in mobile technology. Especially as cards start to migrate from familiar plastic form factor into mobile wallets – or even wearables, as we’ll start to see more of as Apple Watch and Apple Pay influence other emerging payment technologies. EMV is a mature and trusted standard for payments worldwide and it will continue to evolve to meet the demands of the consumer and industry alike.
What are the major concerns that are being raised as the transition date is only months away?
With the deadline for the EMV liability shift imminent, it is clear the issue of brand certifications is a major concern. Mainly because many businesses going through the process are again, unaware of the complexities and time necessary to complete an EMV Migration. Processors have limited resources to focus on the problem and it will inevitably cause certification gridlock. When you consider that in a mature EMV market like the UK, an EMV brand certification can take anywhere up to 16 weeks, then it’s clear that a better and more efficient methodology is needed. Creditcall was the pioneer of the pre-certified EMV solution, essentially a plug and play EMV Migration solution for common platforms, that allows companies to alleviate the complexities and reduce the time it takes for a migration from months to days (here’s a video on such).
Do you believe that there has been enough education to the consumer on what EMV is and how it will benefit them? What are good information sources for consumers to learn about EMV?
I think most U.S. consumers are curious about why their new cards have a chip, but it is unclear if they appreciate how to use the chip card and the benefits of a more secure technology. That said, with 2014 being the “Year of Data Breaches” – and this year the “Year of EMV” – consumers have a heightened sense of awareness of the threat landscape and are expecting companies are doing everything they can to protect user interests and card data. It’s a matter of perception. For instance, a cab driver once asked I use my chip card over another based on the understanding it was simply more secure. Consumers may not understand EMV at a granular level, but they don’t need to. Consumers understand cyber thieves are more sophisticated and they want better protection.
Some of the best education available is free – and available from the EMV Migration Forum, of which Creditcall has been a member since its inception. Their website can be found at http://www.emv-connection.com Another great resource from EMV Migration Forum is specifically pertaining to chip cards and geared to consumers: http://www.gochipcard.com/
What will Creditcall’s role be in the EMVco to help shape the future of global payments?
Creditcall is in a unique position in that it not only processes EMV payments through its payment gateway but it also develops the core EMV technology stack commonly utilized in the new EMV readers. The company also has over 14 years of experience working with EMV Migrations around the world. It was one of the very first payment gateways to be certified in the UK, and the first payment gateway to be certified in the US (2014). This unique perspective allows Creditcall to contribute real world use cases, technical insights and experience to the wealth of information already residing within EMVCo to help drive payments innovation and global interoperability forward.
