Visa has set aim on April 2013 and October 2015 as EMV-adoption target dates. And the card brand has created a roadmap and guidelines to help issuers and merchants successfully launch and complete their EMV rollouts.
The catalyst for Visa's EMV push: escalating incidents of card fraud. The United States' continued reliance on magnetic-stripe card technology is perpetuating the spread and growth of global card fraud.
MasterCard also has set an April 2013 EMV-compliance deadline for all U.S. ATMs because ATMs are the most often hit with skimming attacks.
EMV, a global card-security standard, has been widely adopted. In the United States, however, adoption has lagged. U.S. banks and merchants have fallen far behind, from a card security perspective, opening doors for fraud that have adversely affected the global payments infrastructure.
EMV, which has significantly reduced card-present fraud, will cut fraud losses linked to card skimming at ATMs and points of sale in the United States, Ericksen says; losses that continue to adversely affect the rest of the world.
"Several factors are at play that we believe made this a good time for the U.S. to adopt and embrace chip technology," says Visa's Ericksen, who focuses on payment solutions, enhanced payments security and payments devices. "The movement toward mobile, which uses the same technology as EMV, is a big reason. We've been working on that in the U.S. for a long time. ... and we've had several U.S. issuers that have been looking to issue chip cards for their international travelers."
Some U.S. financial institutions and merchants have initiated chip-payment trials and tests; but others are still waiting, says Ericksen. And most, at this point, are just asking questions.
In an exclusive interview about EMV in the U.S., Ericksen discusses:
- Why more card issuers are expected to focus their initial EMV rollouts on credit rather than debit;
- The increased role the Fed Reserve could play in offering debit-interchange incentives to card-issuers that invest in EMV technology; and
- Why the United States, despite having no regulatory authority overseeing a countrywide rollout to EMV, is in a better position than its global EMV predecessors to rapidly roll out a cost-effective EMV-capable infrastructure.
Increased financial losses linked to card fraud have rallied support for an EMV push in the U.S. from more than just Visa. Richard Oliver, the former head of the Federal Reserve Bank of Atlanta's Retail Payments Risk Forum, has been one of the banking industry's most outspoken supporters of EMV. Other experts, including Randy Vanderhoof of the Smart Card Alliance and Philip Andreae, one of EMV's forefathers in Europe, also have stepped forward in recent years to say the United States' continued reliance magnetic-stripe card technology is perpetuating the spread and growth of global card fraud.
Ericksen says the United States' EMV adoption delay will work to its advantage. U.S. payments players won't need to make big investments to attain EMV compliance. "We've learned from other markets that having additional complexity is not always necessary," she says.
Card issuers and acquirers should leverage the United States' standard online transactional environment by issuing chip cards that can support online data authentication. "Those cards are much cheaper," Ericksen says.
In the online environment, PINs are not necessities. "We're trying to dispel the myth that the EMV chip always has to be partnered with a PIN," she says. "We're advocating the dynamic data capability of the chip; not so much chip and PIN."
Visa's 2013 deadline applies to acquirers and processors. Visa wants systems upgraded to support contact and contactless-chip, such as mobile, payments. Doing so will streamline the migration process and set the stage for increased adoption of mobile payments. "We're really working to pave the way for a mobile infrastructure," Ericksen says. "Dual interface for mobile is something we want to see merchants embrace."
For merchants, the incentive is linked to PCI compliance. "By October 2012, for the merchants that have deployed dual-interface technology that supports EMV contact-chip and contactless-chip transactions, we would reduce the burden for validating their PCI," she says.
The 2015 date refers to the shift in fraud liability. Merchants that have not adopted contact chip technology by that time will be liable for losses linked to card fraud, if EMV chip technology could have prevented the fraud.
On the card-issuing side, Visa wants banks and credit unions to plan for critical EMV card mass. And from a cardholder verification point of view, Visa recommends support for signature and PIN-based transactions.
"Within the transaction itself, as the PIN-debit network is set up today, the chip would just be added," Ericksen says. "The chip would just be another authentication layer, whether it's credit or debit. But we want issuers and acquirers to be set up for both."
Ericksen is responsible for managing integration of Visa's contactless and contact chip payment services and new form factors beyond traditional cards, Verified by Visa, Visa Advanced Authorization, Visa Risk Manager, and the product platforms that enhance the security of Visa's core product offerings. Since joining Visa in 1994, Ericksen has been actively involved in developing the global smart card implementation strategy and formulating business cases for Visa Smart Debit/Credit, GlobalPlatform and multiapplication product offerings on contact and contactless chip cards and in mobile phones. Ericksen also has managed Visa's participation with standards organizations such as GlobalPlatform, EMVCo and the Mobile Payment Forum.