Did you know there's a name for those little chips that have shown up on debit and credit cards in the past few years? They're called EMV chips—it's an acronym that stands for Europay, MasterCard, and Visa, which are the three companies that kicked the whole thing off.
You might hear them referred to by a couple of other names, too, such as "chip and PIN or chip and signature," depending on the company that originates the card.
The technology dates all the way back to the '90s, but EMV chips didn't go mainstream in the U.S. until recently thanks to various compliance deadlines set by companies in 2016, 2017, and beyond. (Gas stations have until 2020 to get with the program, for example.)
There aren't any legal consequences to not complying because it's not the law—it's that the major companies behind the chips have decided to penalize merchants that don't comply.
So what does all of this EMV chip compliance mean for restaurant owners in 2018? Let's start at the beginning.
What are EMV chips and how do they work?
When it comes to using chipped cards, instead of swiping the magnetic stripe, cards are inserted chip-first into readers to start the transaction. It's a different means to the same, albeit more secure, end.
“[The chip] has the same information as the magnetic stripe on your old card, but creates a unique code that gets reorganized with each purchase," John Krauss, Discover's senior manager for card payment and reinsurance strategy, told Gizmodo.
While EMV cards are a security measure designed to decrease counterfeit purchases, according to a National Restaurant Association Report, EMV chips only guarantee that a specific card is a legitimate card (as opposed to a counterfeit one). As the report says, the “back-end processing remains the same. The card number will still be sent unencrypted and is still susceptible to hacking."
So, they're a more secure solution, but not an entirely secure solution.
Even though all of this is going on behind the scenes, much of your daily business life will remain the same—you'll be offering up goods and taking credit card payments like you always have. What is different, though, is where the liability falls when chargebacks occur.
Understanding the liability shift
The transition to EMV chips represents a change in liability from the processor (credit card company) to the merchant (your restaurant), which means that you may be on the hook for any fraudulent charges.
As Upserve lays out in its guide on EMV cards, when it comes to settling fraudulent charges “whoever is the least EMV-compliant in a card-present situation is the one liable for fraud."
Here's how it works:
If your customer uses an EMV card and you have a chip-compliant terminal, the card issuer is liable for chargebacks.
If your customer uses a card that doesn't have a chip and swipes it at your terminal, the issuer is liable.
If your customer has an EMV card, but you're still using a terminal that only allows for magnetic swipes (i.e., isn't EMV-compliant), you're liable for charges over $25.
So, while restaurants aren't required to make the switch to EMV chips, there are some pretty severe downsides to choosing not to, and EMV chips are only becoming more and more common.
But there's a silver lining: the answer is as simple as your POS system.
Point of sale systems and EMV chips
What can restaurant owners do to protect themselves in an environment that is transitioning more liability to merchants rather than credit card companies? The most straightforward solutions lie in your POS system.
If you have a legacy, in-house POS system (the larger, on-premise terminals) and you're determined to keep it that way, the best way to protect yourself against chargeback liability is by investing in a third-party EMV reader.
Costs will include original hardware that can run up to several hundred dollars, service and support fees throughout, and any one-off costs associated with updates and extra training you and your staff will have to undergo.
Cloud-based restaurant POS systems, on the other hand, offer a much more manageable switch. If you've been thinking about changing to a more technologically advanced POS system anyway, an accessible path to EMV compliance is a significant selling point. Cloud-based solutions often include integrated EMV solutions, plus software updates happen with the tap of a button.
Another bonus of cloud-based POS systems is that they offer more options and access to encryption and tokenization services which are the best way that restaurant owners can protect themselves against fraud. Remember, EMV's only ensure that a card is authentic—they don't guarantee that data is safe. These tech advances add increased data security for both restaurants and their customers in an age where hacking happens often.
Ultimately, the choice is yours
You get to decide what's best for you and your restaurant.
Whether it's EMVs, encryption, or the next wave of advancements, the best way to protect yourself is with knowledge. The more you know about what's going on (in this case, EMV chips), the better decisions you can make.
Want to arm yourself with a little more knowledge about POS solutions for your restaurant? Here's some further reading to beef up your education: