EMV Migration to the United States – What Convenience Store Retailers Need to Know

Parker Burke's picture
Parker Burke : Marketing Director, Media Systems

While EMV remains a complicated technology and its implementation in the convenience store industry presents numerous challenges, in their November article titled EMV: What C-store Retailers Need to Know, Convenience Store News perhaps did more to add more confusion to a confusing subject than it did help clarify it.

What is EMV?

EMV is the global payment standard with migrations occurring in various stages in all major geographies around the world.

Unlike the magnetic stripe card you carry in your wallet today, an EMV card primarily stores personal account information on an electronic “chip” located on the front of the card (albeit, during the transition, most cards will have both magnetic stripe and chip capability for retail establishments that have yet to migrate to chip-based payment technology).

To ensure EMV-capable cards are used in all environments where EMV terminal technology exists, a service code is embedded in the magnetic stripe information that enables the point-of-sale to prompt a consumer incorrectly “swiping” the EMV-capable card and instead prompting them to insert the chip.

To enhance the security of the transaction, EMV transactions employ a technology called Dynamic Data Authentication (DDA), which means some of the account information is unique for each transaction.  When inserted into the reader, the electronic ship powers on and completes a complex algorithm generating a unique CVV or CVN (the 3 digits on the back of your MasterCard or Visa, or the 4 digits on the front of you American Express Card).  Therefore, if account information is compromised during the transaction flow, the data cannot necessarily be used to create a white label credit card.

What is the EMV migration timeline?

In their August 2011 announcement, Visa announced a migration timeline for the United States to bring chip-based payments to the US retail stores:

October 1, 2012: if > 75% of retailer’s payment transactions occur on dual interface EMV-capable terminals, Visa removes requirement for annual PCI-DSS recertification. 

While this date has come and gone already, retailers can still begin taking measures to comply and can apply at any time once they meet the stated requirements.

Key words:

  • “Dual interface EMV-capable terminals” – which means merchants must implement terminals accepting both contact and contactless payment acceptance capability.
  • “PCI-DSS recertification” – merchants must be certified and are required to maintain their certification, but are not required to recertify annually.

April 1, 2013: Payment processors are required to begin accepting EMV transactions. 

Once payment processors have released their specifications, equipment vendors can begin building in software support for EMV transactions into their EMV-certified terminals.  Further, after this date, consumers will likely begin to be issued chip-based cards (with magnetic strip for non-supported retailers) as their existing cards expire.

Liability shifts:

  • POS:  October 1, 2015: liability shift for any in-store POS fraudulent transactions on non-EMV compatible terminals
  • Forecourt:  October 1, 2017:  liability shift for fraudulent transactions on non-EMV compatible terminals 

Key word: “Liability shift” – All of the card brands are very careful to refer to this migration not as a “mandate”, but as a liability shift, giving merchants the option to upgrade their terminals.

MasterCard, Discover, and American Express have all subsequently made announcements outlining their migration strategy.  While there are slight differences in implementation and terminology (i.e.- “liability hierarchy”) that will clear up in advance of the market commercialization, the important implementation dates for field deployment are the same, simplifying migration in the United States versus the experience in other global geographies.

How will retailers need to be prepared to support?

Like Gilbarco’s EncoreTM 700 S dispenser, many new equipment vendors are now selling new convenience store technologies as “EMV-certified” and “EMV-upgradable”.  This means that the equipment has likely been certified by EMVCo LLC, and is awaiting payment processor specifications prior to building in software to support EMV transactions.  In this case, a software upgrade will be required in advance of accepting EMV transactions.

For older equipment installed in the field, CRIND retrofit kits will be required to enable EMV-transactions at the forecourt.  Gilbarco’s FlexPayTM II CRINDTM retrofit kits are available for The AdvantageTM and Encore line of dispensers, and provides the same CRIND technology to installed dispensers as the Encore 700 S.

Additional Information

Gilbarco’s EMV informational web-page

Previous blog posts on EMV:

Visa announces EMV roadmap to the United States

Another “Chip” Falls – MasterCard Follows Visa’s EMV Lead

For the latest on emerging payment technologies, follow Parker on Twitter – @MobileAtThePump

Add new comment