3 things issuers should know about EMV cards with chips

Getting to know your EMV credit cards with chips

3 things issuers should know about EMV cards with chips

1. Not all EMV chips are the same
2. Chip card behavior and profile types
3. How the liability shift may positively affect your institution

#1 Not all EMV chips are the same

There are several types of EMV cards with chips in the market today: standard, contactless, and dual interface.

The EMV chip is a computer microchip which stores card data. During an EMV terminal transaction, a cryptogram is generated by the computer microchip producing a one-time unique code for each transaction. The application on the chip, which includes a processor key, is used to authorize the transaction.

Just like most magnetic stripe cards, EMV chips have a limited life span. Visa and Mastercard automatically grant three years before the chip expiration date and most chip life spans can be extended up to six years total. It is up to the card brands to determine whether they want to extend the chip life. This means that the cards must be personalized and issued by the time the chip expires; it does not impact the cards once they are on the street.

Extending the life of the chip is something that your card provider can help you take care of. You should reach out to your provider to learn more.

#2 Chip card behavior and profile types

The behavior of the EMV chip card is determined by a combination of the point of sale system (POS) and the EMV chip profile. The profile contains the application which resides within the actual EMV chip. Both the profile and the POS will influence whether the cardholder will need to enter their PIN or if they can bypass entering their PIN.

This table highlights some of the profile types for both Visa and Mastercard:

Additionally, the card brands recently changed their rules regarding signature capture for card-present point of sale transactions, making it now optional for the most part. Effective with the change, merchants will not be liable for applicable chargebacks resulting from not capturing a signature for card-present transactions.

However, there are still many cards in circulation that signature as a CVM. So unless the merchant does special coding to not prompt for a signature, the standard EMV process will likely result in signature prompting for those cards.

Until the all point of sale terminals and credit card readers have been updated, there are many possible outcomes that could occur when your cardholders use their chip card to make an-in store purchase.

Here are the most common outcomes:

• Insert chip card, communication with the chip is initiated verifying the card is valid; card is then removed from the payment terminal once the transaction is complete
• Insert chip card, communication with the chip is initiated verifying the card is valid; cardholder will be prompted for a PIN, card is then removed from the payment terminal once transaction is complete
• Chip card is swiped, communication with the chip cannot be initiated, transaction is run using the magnetic stripe, and cardholder provides a signature

#3 How the liability shift may positively affect your financial institution

Before October 1, 2015, the liability for counterfeit fraud landed was shouldered primarily by the financial institution. If your institution has not yet issued EMV chip cards and your cardholders use a magnetic strip card tied to your institution at a merchant location that is using an EMV capable payment terminal, you could be held liable.

In comparison, if you have issued EMV cards with chips and your cardholder uses your EMV chip card at a merchant location that does not have an EMV chip enabled payment terminal, the liability for counterfeit fraud will be on the merchant because they are the weakest security point in the transaction.

Looking to fight fraud smartly? Reach out today to learn more about issuing EMV chip cards.