Understanding the 2015 U.S. Fraud Liability Shifts

Similar documents
EMV Implementation Guidance: Fallback Transactions

Agenda. What is EMV. Chip vs Mag Stripe. Benefits of EMV. Timeframes & Liability Shift. Costs. Things to consider. Questions

Card Payment acceptance at Common Use positions at airports

Ignite Payment s Program on EMV

EMV Implementation Guide

EMV Beyond October 1, Kristi Kuehn VP, Compliance Heartland

EMV FAQ S FROM A MERCHANT S PERSPECTIVE

Testing & Certification Terminology

Chargeback Best Practices. September 7, 2016

Visa Fuel Segment Update

The Small Business Guide to Mastering EMV

EMV THE DEFINITIVE GUIDE FOR US MERCHANTS AND POS RESELLERS

EMV and Educational Institutions:

EMV Chip Cards. Table of Contents GENERAL BACKGROUND GENERAL FAQ FREQUENTLY ASKED QUESTIONS GENERAL BACKGROUND...1 GENERAL FAQ MERCHANT FAQ...

Merchant Considerations for U.S. Chip Migration. EMV Migration Forum/National Retail Federation September 2014

Merchant Considerations for U.S. Chip Migration. EMV Migration Forum/National Retail Federation September 2014

Let s Talk about EMV. getnationwide.com

Top 5 Facts Merchants Need To Know About EMV

Dates Visa MasterCard Discover American Express. Acquirers, subprocessors. support EMV. International ATM liability shift 2

EMV & Fraud POS Fraud Mitigation Tips for Merchants First Data Corporation. All Rights Reserved.

EMV is coming. But it s ever changing.

EMV is coming. Here s how to stay ahead of the trend. Presented by CO-OP Financial Services

MAKE WAY FOR THE EMV CREDIT CARD. What You Need to Know for a Smarter POS Strategy.

Effective Communication Practices for U.S. Chip Migration. Communication & Education Working Committee June 2014

Is Your Organization Ready for the EMV Challenge?

EMV WHAT DOES IT MEAN? HOW WILL IT AFFECT US? HOW DO WE SWITCH TO EMV?

Frequently Asked Questions

U.S. EMV Migration Update. A joint presentation from Citizens Commercial Banking and Worldpay

EMV: Facts at a Glance

ATM Webinar Questions and Answers May, 2014

EMV Basics and the market

Frequently Asked Questions

Why chip cards? HELP PREVENT FRAUD: HELP AVOID LIABILITY: ACCEPT MOBILE TAP & PAY TOO: DYNAMIC AUTHENTICATION: Contact us

EMV A Chip Off the New Block

MITIGATE THE RISK OF FRAUD AND COMPLIANCE COSTS with EMV mandates. An NCR white paper

It s Not Too Late for EMV What You Need To Do Now!

The State of EMV Harland Clarke Card Services

Heartland Payment Systems

EMV: Frequently Asked Questions for Merchants

U.S. Bank. U.S. Bank Chip Card FAQs for Program Administrators. In this guide you will fnd: Explaining Chip Card Technology (EMV)

October is Here: Are Issuers, Merchants & Consumers Ready for EMV?

EMV Frequently Asked Questions for Merchants May, 2015

EMV Just the Facts. Ozarks Association of Government Accountants

EMV Adoption. What does this mean to your ATMs?

EMV: The Race Is On! September 24, 2013

Frequently Asked Questions

EMV Migration. What You Need to Know about the Technology, the Security Protection it Provides, and When to Implement

Frequently Asked Questions for Merchants May, 2015

EMV: The Next Generation of Payments

Changing Consumer Purchasing Patterns

A Merchant s Path to EMV Understanding Impacts To Your Business

EMV Cards - Chipping Away at Fraud

EMV Adoption in the U.S.

Technical Solution for Transit Contactless Open Payments Use Case 1: Pay As You Go/ Card

PayPass M/Chip Requirements. 3 July 2013

EMV in the U.S. Liability shift; what does this mean for the U.S.?

THE ADOPTION OF EMV TECHNOLOGY IN THE U.S. By Guy Berg Global Industry Sales Consultant Datacard Group

E M V O V E R V I E W. July 2014

EMV Migration Updates and Next Steps

EMV for Merchants and Merchant Acquirers: U.S. Migration Considerations. Smart Card Alliance Webinar October 6, 2011

VARTECH NATION. EMV Certification for IT Professionals

Accepting EMV Chip Cards at the Fuel Pump. September 20, 2017

EMV Terminology Guide

CHIP CARDS. Banks are issuing payment cards embedded with security chips to help protect you against fraud at the register. What is a Chip Card?

Getting Out of PA-DSS Scope and Eliminating the High Cost of EMV: What you need to know

Visa and MasterCard Drive Adoption of EMV Payment Technologies in the United States

EMV: Coming Soon to a Card Near You

Pinless Transaction Clarifications

EMV: Strengthen Your Business Through Secure Payments

EMV: GET READY. Michelle Thornton, CO-OP Financial Services

EMV FREQUENTLY ASKED QUESTIONS (FAQs)

Crash Course: What are EMV and the EMV Liability Shift?

Mobile and Contactless Payments Requirements and Interactions

The Future of Payment Security in Canada

EMV Overview. Get Familiar with EMV & Our Plans to Support it

EMV, PCI, Tokenization, Encryption What You Should Know for Presented by: The Bryan Cave Payments Team

Implementing EMV in the U.S.

Will US EMV Migration Impact Acquiring Worldwide?

jhapassport EMV Update:

Hot Topics in Payments Cornerstone CU League Small CU Committee July 9, 2014

Putting Card Fraud to the Fire. Diana Kern, AAP senior trainer

EMV IN THE U.S. HOW FAR HAVE WE COME AND WHERE ARE WE GOING? Andy Brown

Security enhancement on HSBC India Debit Card

Winter 2019 Network Updates. Webinar Presentation January 29, 2019

Dear Valued Member, Sincerely, Jerry Jordan President & CEO CGR Credit Union

Introduction to EMV BEYOND PAYMENT

Secure Remote Payment Council (SRPc) White Paper Discussion: EMV Enhancements Post Implementation September 13, 2016

EMV and Apple Pay. The world of credit cards is on the move.

Why contactless pickpocketing is impossible

Testing Best Practices. Derek Ross ICC Solutions

Semi-Integrated EMV Payment Solution

EMV: The Journey Begins October 1st

How EMV Compliance is Enhancing Self-Service Bill Payment

EMV Validation (on-behalf of) Service

Optimizing Transaction Speed at the POS

Visa Minimum U.S. Online Only Terminal Configuration

Target, the third largest retailer in the U.S., suffered a

STAR Network Overview

Finding the Best Route for EMV in the US

PUTTING FRAUD TO THE FIRE

Transcription:

Understanding the 2015 U.S. Fraud Liability Shifts Version 1.0 May 2015 Some U.S. payment networks are implementing EMV fraud liability shifts effective October 2015. With these liability shifts fast approaching, many card issuers, merchants, acquirers and processors implementing EMV chip technology are asking, Who is liable for what, and when, under these fraud liability shifts? The EMV Migration Forum is providing this information collected from certain payment networks to help payment industry participants better understand the corresponding network s policies. Today, across payment networks, liability for card-present fraudulent transactions is generally the responsibility of card issuers. Beginning in October 2015, certain U.S. payment networks independently plan to implement fraud liability shifts that will impact transactions from a counterfeit card created from the magnetic stripe on a chip card and/or lost or stolen card transactions. As of that date, liability for those transactions generally will shift to the acquirer/merchant in certain cases if they do not use EMV chip-enabled 1 devices and applications to process payment transactions. The impact of these October 2015 liability shifts to the acquirer/merchant depends on whether: EMV chip cards (domestic and international including credit and debit cards) are used; and EMV chip-enabled point-of-sale (POS) card payment acceptance devices/applications are deployed (excluding automated teller machines (ATMs) and automated fuel dispensers (AFDs)), including in-person POS retail devices, unattended terminals, kiosks and vending machines, and mobile payment acceptance devices (MPOS). ATMs and AFDs: Liability shifts impacting ATMs and automated fuel dispensers have different timeframes and are not addressed in this document. Fallback Transactions: For fallback transactions 2, as long as the acquirer/merchant sends the appropriate indicators identifying the transaction as fallback, the issuer will bear the liability if they approve the fallback transaction. However, fallback rates that exceed the acceptable thresholds set by the payment networks may result in other impacts to the acquirers/merchants as determined by those payment networks. 1 Chip-enabled device or terminal: A terminal that has, or is connected to, a contact chip card reader, has an EMV application, and is able to process EMV transactions. 2 Fallback transaction: A transaction that is initiated between a chip card and a chip terminal but chip technology is not used and the transaction is completed via magnetic stripe. Page 1

Counterfeit Fraud Liability Shift Applies to Accel, American Express, China UnionPay, Discover, MasterCard, NYCE Payments Network, SHAZAM Network, STAR Network and Visa Beginning in October 2015 for the nine payment networks noted immediately above, when a merchant accepts a magnetic stripe card that was counterfeited with track data copied from an EMV chip card, and the card is subsequently swiped at a POS device/application that is not EMV chip-enabled, and the transaction is successfully processed, the acquirer/merchant may be liable for the chargeback resulting from the fraud. The above counterfeit card liability shift only pertains to transactions where the magnetic stripe was read and does not apply to contactless transactions. There is no anticipated liability shift for fallback transactions, as they are a result of the chip on the card not being read and the authorization message does not contain chip data. Fallback transactions are therefore considered magnetic stripe transactions and liability remains with the card issuer. The counterfeit liability shifts for the above-listed networks for the U.S. are summarized in the following chart: Chip Capability: Card Chip Capability: POS Counterfeit Liability after October 2015 Lies with: Magnetic stripe only card Terminal not enabled for contact chip Magnetic stripe only card Contact-chip-enabled Chip card Contact-chip-enabled Counterfeit magnetic stripe card Terminal not enabled for contact Acquirer/Merchant with track data copied from a chip card 3 chip Counterfeit magnetic stripe card with track data copied from a chip card 3 Contact-chip-enabled Lost or Stolen Fraud Liability Shift Applies to American Express, Discover and MasterCard Beginning in October 2015 for American Express, Discover and MasterCard, the acquirer/merchant may also be liable for a chargeback resulting from fraud if: 1. A PIN-preferring (either online or offline PIN) chip card that has been stolen (not a copy or counterfeit) is presented at a magnetic stripe-only POS device/application, and the stolen chip card is processed as a magnetic stripe transaction OR 2. A PIN-preferring (either online or offline PIN) chip card that has been stolen (not a copy or counterfeit) is presented at a chip-enabled merchant POS device/application that does not support either online or offline PIN, and the stolen chip card is processed as a signature chip transaction 3 Data from a contact chip card. Page 2

No (Cardholder Verification Method) transactions that meet the No requirements of the payment network are not affected by the EMV lost or stolen liability shift. These lost or stolen liability shifts for the U.S. are summarized in the following chart: Chip Capability: Card Chip Capability: POS Lost/Stolen Liability after October 2015 Lies with: Magnetic stripe card Any terminal type * (online or offline) Terminal not enabled for contact chip Acquirer/Merchant** (online or offline) (online or offline) * Magnetic stripe liability shift rules apply. Terminal not enabled for contact chip Contact-chip-enabled, signature (no PIN capability) Contact-chip-enabled, signature (no PIN capability) Contact-chip-enabled, PIN (online and/or offline) Contact-chip-enabled, PIN (online and/or offline)**** ** If PIN was prompted and approved, magnetic stripe liability rules apply. *** Acquirer/Merchant *** Lost or stolen liability shift applies to only legitimate cards that are lost or stolen based on issuer determination. **** Payment networks have slightly different policies. In the U.S. for MasterCard and Discover, if a merchant decides to support PIN, the terminal must support both online and offline PIN. In the U.S. for American Express, the merchant terminal can support either offline PIN, online PIN or both. In all three cases, the issuer retains liability if a fraudulent lost or stolen PIN-preferring chip card is used at a chip-enabled terminal that supports PIN. PIN Entry Bypass: In the case where PIN entry bypass is invoked and is properly identified by the acquirer/merchant in the authorization message as specified by the EMV specification, liability stays with the issuer if the issuer approves the transaction. Applies to Accel, China UnionPay, NYCE, STAR Network and Visa There is no expected change to Accel, China Union Pay, NYCE, STAR Network or Visa liability for lost or stolen card fraud, and accordingly, this liability remains with the issuer. Liability Shifts for Cross-Border Transactions 4 It is important to understand for each payment network the consistencies in liability shifts for crossborder transactions. This section describes liability shifts for U.S. acquirers/merchants when non-u.s.- issued cards are used at U.S. merchants and liability shifts when U.S.-issued cards are used at non-u.s merchants. Counterfeit Liability Shift. For the global payment networks listed in the Counterfeit Liability Shift Fraud section above (American Express, China UnionPay, Discover, MasterCard and Visa), their respective 4 Cross-border transaction: A transaction where a card issued in one country is used for a payment transaction in a different country. Page 3

counterfeit liability shift is consistent for all cross-border POS transactions for participating countries in the EMV liability shift. Lost-or-Stolen Liability Shift. In countries where American Express, Discover and MasterCard have lostor-stolen liability shift policies, their respective policies are consistent for domestic and cross-border transactions. For the global payment networks listed above that do not have a U.S. lost-or-stolen liability shift (China UnionPay and Visa), lost-or-stolen liability shift on cross-border transactions does not apply even if the card-issuer s country has implemented a lost-or-stolen liability shift. Conclusion This document summarizes, as of the publication date, the anticipated October 2015 U.S. liability shifts of the payment networks noted above in the specific scenarios described above. Certain scenarios, such as merchant stand-in and voice authorization, are not impacted by the October 2015 liability shifts described above, and liability in those situations is expected to remain as it is today. When considering the October 2015 liability shifts described above, it helps to first define the type of fraud, and then assess the technology being employed by the applicable parties in light of applicable payment network rules. In summary, the party supporting the superior technology for each fraud type will prevail in a chargeback (for the scenarios specifically addressed above and except as otherwise noted); and in case of a technology tie, the fraud liability as of October 2015 generally is expected to remain as it is today with the issuer. Legal Notice There are additional scenarios that could affect liability that are not covered in this document, and the payment networks named above do not reflect all of the networks that may have October 2015 liability shifts, but rather the ones that provided information to the EMV Migration Forum in the preparation of this document. Additionally, certain networks identified above only provided information regarding liability shifts for counterfeit cards (not for lost or stolen cards). Notwithstanding anything to the contrary in this document, each payment network determines its own policies and practices (including but not limited to rules regarding liability and timing of the liability shifts), all such policies and practices are subject to change, and liability in scenarios and/or for payment networks not specifically addressed above may differ. Merchants, acquirers, processors and others implementing EMV chip technology in the U.S. are therefore strongly encouraged to consult with their respective payment networks regarding applicable liability shifts and rules. While great effort has been made to ensure that the information in this document is accurate and current, this information does not constitute legal advice and should not be relied on for any legal purpose, whether statutory, regulatory, contractual or otherwise. All warranties of any kind are disclaimed, including all warranties relating to or arising in connection with the use of or reliance on the information set forth herein. Any person that uses or otherwise relies in any manner on the information set forth herein does so at his or her sole risk. About the EMV Migration Forum The EMV Migration Forum is a cross-industry body focused on supporting the EMV chip implementation steps required for payment networks, issuers, processors, merchants, and consumers to help ensure a successful introduction of more secure chip technology in the United States. The focus of the Forum is to address topics that require some level of industry cooperation and/or coordination to migrate Page 4

successfully to chip technology in the United States. For more information on the EMV Migration Forum, please visit http://www.emv-connection.com/emv-migration-forum/ Copyright Notice Copyright 2015 EMV Migration Forum and Smart Card Alliance. All rights reserved. Page 5

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback