We have prepared a series detailing everything about EMV, the implications for merchants and its availability on the Merchant Link Gateway.
What is EMV?
EMV stands for Europay, MasterCard and Visa, the companies who came together to create the standard for chip card technology in the early 1990’s. The governing body of the standard is now called EMVCo and includes the other major card brands as of the 2000’s.
EMV is frequently called chip and PIN, though that is not technically correct especially in the U.S. We will be rolling out what is commonly referred to as “Chip and Choice.” Each of the brands have decided to implement chip cards but with differing Cardholder Verification Methods or CVMs. Visa will be chip and signature and MasterCard will allow their issuers to choose the CVM they prefer. So ostensibly some MasterCard’s will require PIN and others will not. Don’t worry though, the terminal management software will tell the cardholder which way to go.
EMV was designed to prevent counterfeit cards from being used to commit fraud and it does a pretty good job in that regard. However, it only applies to card present transactions and it does not encrypt the 16 digit card number or PAN. The PAN is still considered sensitive data and if stolen is considered to be a breach.
So while EMV will make it harder to counterfeit cards, merchants are still at risk of a data breach. It is important to use point-to-point encryption and tokenization solutions to protect that data, as most Merchant Link customers do today. Said simply, EMV is more of a fraud prevention solution than a security solution.
Look out for Part II of this EMV series discussing the impact of EMV.