Securing Cardholder Data
EMV: One Step on the Path to Securing Cardholder
EMV technology is an increasingly hot topic among merchants, in large part because of the upcoming Oct. 1, 2015, fraud chargeback liability shift associated with it. A recent Gallup poll found nearly 70 percent of U.S. consumers frequently or occasionally worry about hackers using stolen payment information after making a transaction, topping the list of crimes Americans fret about most (1).
EMV - a step in the right direction
EMV technology has dramatically reduced card fraud resulting from counterfeit, lost and stolen cards in other countries where it is employed, but the U.S. is one of the last major countries to adopt it. The UK Cards Association reports that losses at U.K. retailers has fallen by 67 percent since 2004, and lost and stolen card fraud fell by 58 percent between 2004 and 2009 (2). U.S. adoption of EMV is intended to improve data security across the market.
Given the ever-evolving payments security requirements merchants face today, most business owners have questions regarding EMV. One of the most common misconceptions in the payments industry is that EMV is the saving grace against the looming threat of a data breach.
In a perfect world, that would be true. Unfortunately, that's not the case. EMV provides better security against fraud because the card data needed to complete a transaction is embedded in a microchip on the credit or debit card, which is nearly impossible to counterfeit because it creates a one-time identifier code for that payment. However, EMV does not prevent breaches.
Three-pronged approach to complete protection
Breaches are nearly impossible to prevent. But we can prevent cybercriminals from being able to use any data they steal with other security technologies like tokenization and point to point (P2P) encryption, also known as end to end (E2E) encryption. Tokenization replaces sensitive payment data with a unique token and is an effective and affordable way to protect your customers’ card data. E2E encryption protects data in flight by masking the full credit card number with meaningless characters so full credit card data is never clearly visible to thieves.
When EMV technology is accompanied by tokenization and P2P/E2E encryption, consumer card information is not only incredibly difficult to obtain, but nearly impossible to replicate if illegally obtained. With EMV, tokenization, P2P/E2E encryption at play, when cybercriminals breach a system to extract data, they won’t able to do anything with it.
While EMV technology adds value to the entire payment process, it is just one piece of the security puzzle. Data theft is an omnipresent aspect of the payment industry. An EMV solution that includes tokenization and P2P/E2E encryption is among the best options for preventing fraud while also securing card data. Merchants that upgrade their POS systems to comply with EMV guidelines are taking a big step forward in the ongoing battle to protect their customers and their business.
- Gallup, http://www.gallup.com/poll/178856/hacking-tops-list-crimes-americans-worry.aspx (Oct. 27, 2014)
- EMVCo, http://www.emvco.com/about_emvco.aspx?id=202 , December 2013.
Get An eBook All-Access-Pass
- eBook About POS
- Grow Your Business Guide
- Improve Your Business
- 5 Steps Secure Your Business
Subscribe to our blog and get an all access pass to our past, present, and future eBooks for FREE.
At Your Fingertips
It's a big job to buy the perfect POS System. This is a robust guide to get you equipped to ask all the right questions to potential providers.
With this FREE service we can point you in the direction to providers who can meet your needs, and potentially exceed your expectations.