EMV Fraud Who Is Liable
When fraud occurs after EMV cards are issued, who will be liable for the costs?
If an in-store transaction is conducted using a counterfeit, stolen or otherwise compromised card, consumer losses from that transaction fall back on the payment processor or issuing bank, depending on the card’s terms and conditions.
Since the Oct. 1, 2015 deadline created by major U.S. credit card issuers Mastercard, Visa, Discover and American Express, the liability for card-present fraud has shifted to whichever party is the least EMV-compliant in a fraudulent transaction.
Consider the example of a financial institution that issues a chip card used at a merchant that has not changed its system to accept chip technology. This allows a counterfeit card to be successfully used.
The cost of the fraud will fall back on the merchant,
The change is intended to help bring the entire payment industry on board with EMV by encouraging compliance to avoid liability costs.
Today, any parties not EMV-ready could face much higher costs in the event of a large data breach.
Pay at the Pump
Until recently, automated fuel dispensers had until 2017 to make the shift to EMV. However, a December 2016 Visa and Mastercard agreement now gives pay-at-the-pump gas terminals until October 2020 to become EMV-compliant.
Given the migration challenges for implementing EMV in the petroleum environment, Visa’s and Mastercard’s modification of the liability shift dates will be beneficial to the retail petroleum industry and the U.S. chip migration,
So for now, gas stations do not fall under the existing EMV fraud liability shift rules. ATMs still have two fraud liability shift dates: Mastercard’s that passed in October 2016 and Visa’s in October 2017. Until both dates pass, ATMs will follow existing fraud liability rulings.