To read as a newsletter, click here.

 

Nightmare On Main Street: New Credit Card Payment Standards Take Effect Oct. 1. This article was recently published in Forbes | Retail contributed by Paula Rosenblum. A Link to the entire article appears at the end of this newsletter.

 

Halloween is coming early to the retail industry this year. Effective October 1, a mandated change to the way retailers process credit cards is supposed to take effect. And while there’s a lot of hubbub around who’s to blame, one thing is clear: the ecosystem just isn’t ready. This could prove to be a serious Halloween-style nightmare.

 

Let’s take a brief look at the new process. Those of you who have replaced your credit or debit cards over the past year have likely noticed they contain a microchip on the left-hand side of the card. These chips follow a standard known as EMV – the Europay, Mater Card and VISA payment standard developed by those card processors in the mid-1990s and in use in Europe for a decade.

 

You also might have noticed that your favorite retailer has a new style credit card swipe or PIN pad terminal at the checkout stand. Part of the EMV standard includes inserting the card into that new terminal (so that it can read the information on the microchip) rather than swiping the black magnetic stripe on the back. The magnetic stripe contains a lot of information about the owner of the card, and that’s the information hackers grab when they hack a retailer’s system.

 

The true EMV standard requires that the purchaser also enter a personal identification number (PIN) when he or she puts the credit card in the machine. That’s how it’s done in Europe and Canada. For some unfathomable reason, the banks have decided that they want to use a different standard in the U.S. – chip and signature. Somehow, that squiggly line we tend to draw across the signature screen is meant to be a security feature. The only reason banks have given for their choice to go with signatures is that  “consumers will have a hard time remembering their PIN.”

 

The most recent numbers announced by VISA indicate that less than one-fifth (18%) of their 720 million debit and credit cards as of July contain a new embedded chip and will be ready for the October 1st EMV shift. The truth is that banks, credit unions and the card networks are nowhere close to replacing the more than 1.2 billion cards Americans carry in their wallets. 

 

The bottom line is that we have a real mess on our hands.  It’s a mess that will drive a lot of finger pointing and chaos should a major data breach actually occur after October 1.  The most baffling thing of all? Banks, credit card processors and retailers really need each other. The retailers provide a stunning amount of revenue in the form of fees, and retailers have far more flexibility than they could otherwise because of those processors and banks. But at least in the U.S., they’ve been fighting in the courts and in the court of public opinion for years.

 

Consumers should notice very little change. They remain NOT liable for losses incurred as a result of a breach. But for retailers and banks, October 1 will truly be the Nightmare of Main Street.