CSI Resources

stack of credit cards

Understanding EMV: Easy as 1, 2, 3?

  • by Derrick Bretz
  • May 20, 2015

Whether it’s big-name merchants falling victim to security breaches or increasing levels of counterfeit card fraud among customer transactions, bank card security is a growing priority for your bank, your customers and merchants across the U.S.

Luckily, with EMV, your bank can optimize advanced chip card technology capabilities by securely storing and transmitting card payments processing credentials. Sounds good, right? So why is the U.S. one of the last countries to enable EMV? And what exactly is EMV, anyway?

What is EMV Technology?

The acronym, EMV, represents the chip card payment standard developed by Europay, MasterCard and Visa. This standard is managed by EMVCo, which is owned by American Express, JCB, MasterCard and Visa.

EMV exists so credit and debit cards can be used safely and viably across multiple payments acceptance terminals throughout the world. It facilitates a more secure payment transaction by replacing the vulnerable mag-stripe on cards with a secure “chip.”   

How EMV Works 

On EMV bank cards, Integrated Circuit Card (ICC) microprocessors are embedded in the plastic on the front of the card. These chips function similarly to a computer: they have operating systems, communication protocols, applications and secure elements.

 A secure element is a tamper-resistant, storage platform that securely hosts applications and their confidential data in accordance with rules and security requirements. 

In EMV payment processing, communication follows certain protocols:

  • Payment credentials are cryptographically stored and encrypted on the bank card’s chip
  • A portion of the payment credentials on the chip use unique cryptographic keys to encrypt communication between the chip and the terminal’s chip reader
  • Those encrypted payment credentials use the card’s unique cryptographic keys to generate dynamic cryptograms for each transaction

Encrypted payment information and dynamic cryptograms for all transactions help prevent cloning of the EMV credentials, protecting against skimming and counterfeit fraud—something mag-stripe cards cannot do.

3 Good Reasons to Adopt EMV

There may not be a network or regulatory mandate in the U.S. payments industry requiring EMV adoption at this time, but there are some pretty good reasons issuers or merchants should upgrade their cards and terminals to EMV, like: 

  1. Counterfeit Fraud Prevention

    Compromises are becoming more common with mag-stripe card data security and fraudsters migrating to countries that have yet to enable EMV. Counterfeit fraud is expected to grow. And as one of the last EMV holdouts, that means the U.S. is vulnerable. 

  2. U.S. Mag-Stripe Card Complications Abroad 

    U.S. consumers are increasingly more likely to encounter problems with their U.S.-issued, mag-stripe-only cards being accepted at merchants in countries that have already migrated to EMV.

  3. Fraud Liability Shift
  4. With EMV migration in the U.S. comes the decision to shift fraud liability from the more secure technology to the less secure party. This puts pressure on merchants and issuers to accelerate EMV migration.

Who Needs to Adopt EMV?

Everyone. Well all stakeholders in the card payment ecosystem, that is. Issuers, processors, networks, acquirers, merchants, terminal manufacturers and card fulfillment vendors, are all affected by EMV. And the changes necessary to implement EMV require updates to most existing payments processes to support the issuance, transmission and acceptance of EMV. 

Check back next month to find out what your bank can expect when Preparing for the Great Mag-Stripe Migration and why it’s time to get ready for EMV.

 

Derrick Bretz leads strategic product development and quality improvement initiatives within CSI Payment Services. In his role, Derrick enhances payment and commerce experiences and customer education through the use of data analytics. Having helped develop CSI’s initial mobile offerings, Derrick continues to provide leadership on mobile commerce initiatives.