Thursday, June 23, 2016

For Better Security, Dip, Don’t Swipe


With Father’s Day celebrations and gifting bigger than it’s ever been, and with all those June graduations and weddings, consumers have been using their credit cards more regularly for more purchases. In fact, it’s expected that this year U.S. credit card balances are approaching $1 trillion. That’s a 1 with twelve zeros following it.

Just to put that amount into some sort of perspective, a stack of a trillion one-dollar bills would be 60,000 miles high, about a quarter of the way to the moon. It would weigh a little over 10 tons. You could put nearly 9 million students through a 4-year college or buy every NFL franchise and have money left over to buy a few professional baseball, basketball, and hockey teams. So a lot of money.

This $1 trillion is very close to the high of $1.02 trillion consumers reached in 2008 and a sign that consumers are more comfortable carrying credit card debt. Also that banks are taking advantage of those circumstances trying to capitalize – and differentiate – their offerings – because credit cards are a really profitable line of business for them.

If you’ve gotten a new credit card recently you’ll probably have noticed a tiny computer chip has been added to the front of the card. That chip means your card is now equipped with EMV technology, which stands for “Europay, MasterCard, Visa” and has been around in Europe for a while now (hence the “Europay” in the name). The chip makes a card really, really hard to counterfeit, by creating a unique transaction code that cannot be used again, thus adding another layer of security in an era of hacking, phishing, scaling of firewalls, and identity theft, in an market environment where nearly 75% of Americans worry that their credit card will be stolen from a retailer they use.

Under the Fair Credit Billing Act your liability for unauthorized use of your credit card maxes out at $50. If just your credit card number is stolen, you’re not liable for any unauthorized use, and most credit card companies give consumers a pass on the $50 anyway as a sign of contrition and good faith.

Currently, according to our 2016 Customer Loyalty Engagement Index, when it comes to credit card security, here’s how consumers rank the card that has their biggest share-of-wallet:
  1. Discover/American Express
  2. Visa
  3. MasterCard
  4. Capital One
  5. Barclaycard

So consumers should be pretty happy with a change to a more secure card, right?
Right! They are – or would be – if they actually thought about it. Right now the only thing a consumer has to remember is that a card with an EMV chip doesn’t get its magnetic stripe “swiped,” the chip gets “dipped” into a slotted reader at the bottom-front of the credit card terminal and gets left there until the transaction is completed. So a minor shift in payment procedure, but more security, so good for the customer, right? Right. For the customer. But not so much for the merchant.

Merchants are being pressed to install and accept more secure EMV-equipped credit cards because as of October 2015, a deadline created by MasterCard, Visa, Discover, and American Express, merchants that don’t have the EMV process in place become the ones liable for any fraudulent chip card transactions. The merchants, not the banks. That means if a stolen or counterfeit card should have been EMV-slotted, but instead – because the EMV system hadn’t been installed in the store yet – gets swiped, the merchant is one responsible for the loss. That used to be covered by the bank issuing the card, so the responsibility has shifted to the least EMV-compliant party, in this instance the merchant.

Bottom line: The change is intended to make the payment industry EMV-compliant to avoid liability costs, something the credit card industry and the merchants have been fighting about for the past 10 years. The EMV chip cards, while more secure, require retailer to install new payment terminals, which also have a slightly longer processing time. But the scales tipped in favor of the credit card industry after the hackers scaled the firewalls of companies like Target, Sony, Anthem, Staples, Ebay, Neiman Marcus Home Depot, British Airways, and Kmart, and those were just a few of the high-profile hacks over the past couple of years. So the chip-based credit-credit card transactions should please everybody, right? Not so fast!

It turns out there have been objections. Home Depot just filed an antitrust suit against MasterCard and Visa that the merchants are paying too much for credit card transactions, adding new assertions – years after Home Depot and others had opted out of a$7.25 billion settlement regarding price-fixing ­– regarding the effectiveness of EMV chip cards, now contending that MasterCard and Visa conspired to prevent the adoption of a chip that also required a consumer to enter a PIN, because banks don’t want to add the necessity of a PIN at checkout. For what it’s worth, it’s interesting to note that banks collect higher merchant fees for transactions that require a signature than those that just need a PIN. Home Depot isn’t the only merchant that has complaints. A Federal court in Brooklyn, New York is handling cases filed by Wal-Mart, 7-Eleven, and Target.

The banks have been issuing new cards for about a year now, but only about 25% of retailers can process them and court cases regarding credit verification options increase if not exactly abound. So those who are not EMV-ready could face much higher costs in the event of consumer data breaches, and money (or losses of money) is something retailers are bound to listen to, because “money talks.”

And a trillion dollars actually yells!


Postscript: Shortly after we wrote up these findings, MasterCard and Visa made an offer to merchants who hadn’t started to accept the chip cards yet, indicating they would accelerate checkout terminal certification and limit costs retailers would have to incur for counterfeit transactions. Merchants have said that the equipment certification delay forces them to pay for fraud even when they have equipment in place. Some merchants and customers have complained that chip-card transactions take too long. Yet another example of how consumer expectations (B2C and B2B) are always on the rise, and how it can only help to better understand what consumers really want. And how your brand can really deliver.


Find out more about what makes customer loyalty happen and how Brand Keys metrics is able to predict future consumer behavior: brandkeys.com. Visit our YouTube channel to learn more about Brand Keys methodology, applications and case studies.

No comments: