First, there was cash. Then debit and credit cards entered the fray and revolutionized how we pay for goods and services. Today, upgraded cards with EMV chips are helping to change the payments industry.
EMV-based chip cards became a fan favorite when users of traditional magstripe cards began to have serious security concerns. While magstripe cards carry all the customer details as static data on the magnetic stripe, which can be easily stolen and cloned, EMV cards contain a chip that creates a unique code for every transaction—one that can’t be cloned and is rendered useless after the transaction is complete.
On that note, let’s dive into the world of EMV cards and how they have changed the way we make payments.
What is EMV?
EMV is a payment standard that stands for “Europay, Mastercard, and VISA”, the three companies behind its inception.
EMV cards come with a chip embedded within the card that interacts with a merchant’s payment terminal and checks whether the card is valid. These cards add multiple layers of security to prevent fraud and are virtually impossible to duplicate.
It’s a massive upgrade from magnetic stripe cards, where all the data (including your bank account info) is stored on the strip, making it easier for fraudsters to lift the data and clone it into a new card.
EMV vs NFC
NFC stands for “near field communication”. NFC cards are equipped with RFID technology that enables contactless pay, meaning you can simply tap your card or hold it close to the point-of-sale (POS) terminal and it will process the payment.
Instead of (or sometimes in addition to) an NFC tag, EMV cards are equipped with chips—you need to “dip” the card into the chip reader to make a payment.
Types of EMV cards
Today, payment processing companies are issuing two types of EMV cards: chip-and-signature and chip-and-PIN.
Chip-and-signature
As the name suggests, chip-and-signature cards are where you verify your identity with a signature. After you dip your card at the POS terminal that reads the chip, the merchant will ask you to sign your name to verify the transaction.
Chip-and-signature cards are less secure because a fraudster could steal your card and replicate your signature to make unwarranted purchases.
Chip-and-PIN
Chip-and-PIN is more secure for both merchants and consumers. After you dip your card at the POS terminal, you’ll be asked to enter a personal identification number (PIN), that only you know, to authenticate the transaction. A chip-and-PIN card is safer because even if a fraudster steals your card, they can’t rack up charges unless they know the PIN.
How do EMV cards work?
All EMV cards come embedded with a chip that functions as a mini-computer.
Although it takes only a few seconds to complete a transaction, things are happening behind the scenes:
- First, you insert the card into the POS terminal (also called “dipping the card”) that accepts chip cards.
- The card creates a transaction code that can be used one time. With this code, the POS terminal (and the issuing payment company) authenticates the card and processes the transaction.
- In some cases, you might be asked to enter a PIN code for further security.
📌 GET STARTED: Shopify Payments is the fastest way to start accepting payments in-person, online, and on-the-go. It’s included in all Shopify POS plans, so you can skip lengthy third-party activations and go from setup to selling faster.
Benefits of EMV cards
Both consumers and merchants benefit from the use of EMV cards—the consumer protects themself against fraudulent transactions, and the business ensures that their customer’s debit/credit card information is secured at all times.
Better security than magnetic stripe cards
Magnetic stripes on debit/credit cards store static data, meaning the customer’s information never changes. This is especially problematic when a card is stolen—the fraudster can clone the card and use it to make fraudulent purchases over and over again.
EMV uses encryption so the card reader only authenticates what it needs to know to capture the payment, which may also be verified by a PIN. All of this means that EMV is safer for merchants and customers alike.
EMV cards contain a microchip that creates a unique transaction code every time a new payment is initiated. So, even if the fraudster steals the transaction code, they can’t replicate the card since the code is only valid for a single transaction. This makes EMV cards a lot safer than magstripe cards.
EMV cards are more familiar to customers
EMV cards are popular among customers—almost 90% of all card-present transactions in 2020 were made using EMV cards.
Although newer forms of payments like “tap to pay” cards are gaining traction, EMV cards are here to stay, since consumers have become accustomed to this form of payment.
I use the Shopify POS chip reader for local pop-ups that I run—it’s a fantastic, safer, and more familiar way to take card payments, especially because a lot of cards in the USA don’t yet have tap-to-pay functionality.
The other tiny advantage is that you can have unmanned payment counters at the store since the customer can easily complete the transaction without merchant intervention.
Limitations of EMV cards
Despite EMV cards’ advantages, they do come with certain limitations that might make you think twice about accepting them from customers.
EMVs have vulnerabilities
EMV cards are still prone to vulnerabilities. For instance, EMV cards can’t secure you against card-not-present (CNP) fraud. A card-not-present transaction happens when you’re paying remotely without ever coming into contact with a POS terminal.
This gives fraudsters an opportunity they can exploit. All they need are a few details from the card, such as the card number, expiry date, CVV code, and the type of card. Once they have those details, they can purchase things off the internet without your consent.
EMV cards also rely on strong encryption from the merchant’s POS system. Each card creates a unique transaction code every time a payment is made. This code is then decoded and authenticated by the POS terminal for processing the transaction. If the security of the POS terminal is weak, a fraudster can potentially steal the decoded information and commit unauthorized purchases.
EMVs are slow
EMVs are slow by nature—you need to dip the card in the reader, wait for it to ask for a PIN, enter said PIN, and then finally your transaction is complete. This entire process is slow and leads to an unnecessary loss of time for both the merchant and the consumer.
Plus, it’s not contactless. Post-COVID, many consumers are more conscious of touching surfaces, preferring to avoid unnecessary physical contact if possible.
As O’Byrne puts it, “contactless is the next iteration, whereby you wave your card (or phone) to make a payment. It’s faster and convenient for both the merchant and the customer.”
💡 PRO TIP: Shopify POS has a fully-customizable checkout experience. Create shortcuts to keep your most-used apps, promotions, and products at your fingertips so you can fly through checkout.
Start accepting EMV cards at your store (if you aren’t already)
By 2030, merchants worldwide are projected to lose approximately $49 billion to payment fraud. Merchants need safer ways to make payments—EMV cards are one such option.
They’re safer than magstripe cards and are widely used and accepted by both merchants and consumers. Even with limitations, EMV cards can easily prevent common fraudulent activities. So, if you haven’t started accepting these cards already, it’s high time you do.
Read more
- Payment Tokenization Explained: The End-to-End Process Of Safeguarding Digital Payments
- What is an EPOS System and How Does it Work?
- What is a Chip and PIN Machine and How Does it Work?
- Cash on Delivery: How To Guide for Retail Businesses
- What Is a Third-Party Payment Processor and How Does It Work?
- Merchant Services: Everything Retailers Need To Know
- EMV Chip Cards are Coming to the U.S. (Here's What Merchants Need to Know)