EMV Migration – Driven by Payment Brand Milestones

By Cathy Medich, Smart Card Alliance

The move toward EMV in the United States is accelerating, with a number of significant announcements that provide milestones for migration.  Visa took the lead with its announcement on August 9, 2011, with MasterCard, Discover and American Express following suit with announcements on January 30, 2012, March 15, 2012, and June 29, 2012, respectively.  The payment brand milestones include retailer incentives, processing infrastructure acceptance requirements and fraud liability shift.  Payment brands have aligned their milestones to streamline payments industry migration to EMV.

The milestones that have been announced by the payment brands include a number of key dates, starting in October 2012.

Visa Milestones

  • August 9, 2011.  Visa announced plans to accelerate chip migration and adoption of mobile payments in the United States, through retailer incentives, processing infrastructure acceptance requirements and counterfeit card liability shift.
  • October 1, 2012 – PCI Audit Relief:  If more than 75% of merchant Visa transactions originate from EMV-compliant POS terminals that support both contact and contactless transactions, the merchant may apply for relief from the audit requirement for PCI compliance (but is still mandated to be PCI compliant).
  • April 1, 2013 – Acquirer Compliance.  Acquirers and sub-processors must be enabled to handle full EMV chip data in transactions.
  • October 1, 2015 – Counterfeit Card Liability Shift.  The party that has made investment in EMV deployment is protected from financial liability for card-present counterfeit fraud losses on this date.  If neither or both parties are EMV compliant, the fraud liability remains the same as it is today.  This date excludes automated fuel dispensers.
  • October 1, 2017 – Counterfeit Card Liability Shift, Automated Fuel Dispensers.  This extends the card-present counterfeit card liability shift to transactions from automated fuel dispensers.

MasterCard Milestones

  • January 30, 2012.  MasterCard announced their U.S. roadmap to enable the next generation of electronic payments, with EMV the foundational technology.
  • October, 2012 – PCI Audit Relief:  If more than 75% of merchant MasterCard transactions originate from EMV-compliant POS terminals that support both contact and contactless transactions, the merchant is relieved of audit requirement for PCI compliance (but is still mandated to be PCI compliant).
  • April, 2013 – Acquirer Compliance.  Acquirers and sub-processors must be enabled to handle full EMV chip data in transactions.
  • April, 2013 – Cross-Border ATM Liability Shift.  At this milestone, MasterCard will extend its existing EMV liability shift program for inter-regional/cross-border Maestro ATM transactions taking place in the United States.
  • October, 2013 – Account Data Compromise (ADC) Relief:  MasterCard has announced ADC relief for merchants.  On this date, if at least 75% of MasterCard transactions originate from EMV-compliant contact and contactless POS terminals, the merchant is relieved of 50% of account data compromise penalties.
  • October, 2015 – Fraud Liability Shift.  MasterCard liability hierarchy takes effect.  The party that has made investment in the most secure EMV options is protected from financial liability for card-present fraud losses for both counterfeit and lost, stolen and non-receipt fraud on this date.
  • October, 2015 – Account Data Compromise Relief:  On this date, if at least 95% of MasterCard transactions originate from EMV-compliant POS terminals, the merchant is relieved of 100% of account data compromise penalties.
  • October, 2017 – Fraud Liability Shift, Automated Fuel Dispensers.  MasterCard liability hierarchy takes effect for automated fuel dispensers.

Discover Milestones

  • March 15, 2012Discover announced implementation of a 2013 mandate for acquirers and direct-connect merchants in the U.S., Canada and Mexico, to support EMV.  Discover’s approach will support all card authentication channels (online and offline), all cardholder verification methods (including both chip and PIN or chip and signature transactions), and all commerce channels (contact and contactless, including mobile).

American Express

  • June 29, 2012.  American Express announced its U.S. EMV roadmap to advance contact, contactless and mobile payments and its plans to begin issuing EMV-compliant cards in the U.S. in the latter half of 2012.
  • April, 2013 –  Acquirer/Processor Compliance.  Processors must be able to support American Express EMV chip-based contact, contactless and mobile transactions.
  • October, 2013 –  PCI DSS Reporting Relief.  Merchants will be eligible to receive relief from PCI Data Security Standard (DSS) reporting requirements if the merchants’ POS acceptance locations, where 75% of their transactions occur, are enabled to process American Express EMV chip-based contact and contactless transactions.
  • October, 2015 – Fraud Liability Shift. American Express will institute a fraud liability shift policy that will transfer liability for certain types of fraudulent transactions away from the party that has the most secure form of EMV technology.
  • October, 2017 – Fraud Liability Shift, Automated Fuel Dispensers.  American Express fraud liability shift takes effect for transactions generated from automated fuel dispensers.

The Smart Card Alliance Payments Council is active in providing resources to help the industry with EMV migration.  The Council is currently working on an update to the February 2011 EMV roadmap white paper to clarify payment brand milestones and provide guidance to issuers, acquirers/processors and merchants about the changes needed to move to EMV.

 

Comments are closed