CONTINUE TO SITE »
or wait 15 seconds

Blog

Ignorance is no defense

April 21, 2014 by atm Atom — blogger, atmatom

In a disturbing study released in early March, Newtek Business Services threw a cold, wet towel over the notion that merchants were ready for — or even informed about — the changes coming with EMV.

Of more than 1,400 merchants polled by Newtek, 67 percent were not concerned about credit card security and 63 percent were not even aware of EMV chip card technology.

According to Barry Sloane, president and CEO of Newtek, merchants continue to take an "It's not a problem until it happens to you" attitude toward card security and EMV.

By way of background, Newtek is a merchant services ISO that processes more than $4 billion in payments annually for more than 100,000 business accounts. The majority of these merchants are small, with fewer than 10 stores, and would appear to be a fair representation of the universe of independent business owners in the U.S.

The fact that independent merchants lack both concern about card security and awareness of EMV will present several challenges for ATM ISOs:

ATM merchant conversations will be more difficult than POS conversations

With POS hardware prices starting at less than $300, many merchant ISOs are already offering free or reduced price EMV POS hardware in exchange for extended contracts.

For ATM ISOs, convincing merchants to replace or upgrade (where possible) an ATM for EMV will be in many cases a $2,000-plus conversation, depending on who owns the hardware.

For placed units, ISOs will have to decide whether they can enforce contracts that require the merchant to pay for upgrades and replacements, or whether they can justify absorbing the costs themselves based on location profitability.

ATM hardware upgrades will be more difficult than POS upgrades

Unlike POS devices, which can easily be swapped out, ATM upgrades and replacements for EMV will likely require multiple site visits. One Canadian ISO reports that it required an average of 3.2 visits per location to upgrade, activate and service ATMs for EMV.

With an estimated 250,000-plus retail ATMs operating today in the U.S., this would represent 800,000 service calls over and above normal maintenance. Extended conversations and negotiations with merchants mean that many ISOs might not be able to pull the trigger on field service and equipment orders until liability shift deadlines approach or even pass.

Market disruption as a result of EMV is guaranteed

Clearly the process of educating merchants about EMV and liability shift is both time-consuming and painful. In planning for the EMV upgrade process, ISOs will have to re-evaluate site and customer profitability. As part of merchant conversations, many contracts will have to be renegotiated, putting business at risk.

The upside for first movers and even new entrants is the opportunity not only to lock in their own business but also to poach competitor contracts. As one Canadian ISO famously said during the Canadian EMV upgrade cycle, "If you aren't upgrading your own terminals for EMV, I will be."

Many ATMs will be simply turned off after liability shift deadlines

Unlike Canada, Mexico and the UK, there is no regulatory mandate for EMV conversion in the U.S. In a white label ATM market where PCI standards and ADA regulations are still widely ignored, there is no reason to believe that EMV will be treated any differently by merchants or ISOs.

As a result, a healthy number of retail ATMs will likely be mag stripe only even after the liability shift deadlines pass. Under the 2016 and 2017 liability shift guidelines from the card schemes, liability will shift to the non-EMV participant in the transaction chain.

Presumably sponsor banks, issuers and processors will be EMV-ready by 2016. This would leave the ISO and the merchant to pay not only for fraud perpetrated at a non-EMV ATM, but also for all subsequent fraud.

Experience in Canada suggests that many of these incidents will result in six-figure claims. As we also saw in Canada, where processors determine that there might not be enough surcharge, interchange and settlement funds withheld to cover potential fraud liability, ATMs will be turned off until they are upgraded for EMV or replaced.

The apparent widespread merchant ignorance about card security and EMV represents a substantial challenge for ATM ISOs in the U.S. Unfortunately, when it comes to the looming hard costs of liability shift, ignorance is no defense.

This article has been republished from the Triton blog, atmAToM, with kind permission from Triton.

About atm Atom

None

Connect with atm:

Included In This Story

Triton Systems

Triton FI based products • NO Windows 10™ Upgrade • Secured locked down system that is virus/malware resistant • Flexible configurations - Drive-up and Walk-up • Triton's high security standards • NFC, anti-skim card reader, IP camera and level 1 vaults are all options • Triton Connect monitoring • Lower cost

Request Info
Learn More

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'