Skip to Main Content
PCBB Banc Investment Daily October 28, 2014
Banc Investment Daily
October 28, 2014

Don't Be Late For EMV Preparedness

If you're a heavy sleeper and have dozed through your alarm clock on one too many occasions, it might be time to consider something more drastic. Alarm clocks should be more creative, like maybe a clock that won't stop ringing until you've done 30 bicep curls. How about a clock that rolls and leaps to the ground after one snooze and won't stop cavorting around the room and beeping until you catch it. Or a clock that forces you to stand up in order to turn it off, one that forces you to insert money to make the noise go away, or another model that's specially enabled to deduct money from your bank account and donate funds to charity every time you press snooze. These may sound like ideas from a Harry Potter movie, but you never know what technology will create next! There's nothing wrong with sleeping longer every so often, but if doing so habitually makes you late, it's a problem that needs solving.
There's also a lot of work being done in the banking industry to solve alarming problems with credit and debit card security. By this point most bankers are undoubtedly familiar with the shift to EMV payment technology that's taking place in the US. These chip cards are considered far more secure for in-person transactions than the traditional magnetic stripe cards that are widely in use in this country today.
Right now many banks are trying to get a handle on EMV chip card migration for payments. There is an Oct 2015 deadline and at that time, the responsibility for any fraud resulting from a payment transaction will shift to the party using the least secure technology. According to the EMV Migration Forum, by year-end 2013 17mm to 20mm chip cards had been issued to US consumers and millions of EMV-capable terminals and ATMs have been installed (some of which are accepting chip cards).
The shift to EMV compliance for ATMs, however, is considered more technologically challenging and extra time has been awarded before a liability shift takes place. MasterCard says that by Oct 2016, ATMs need to be EMV-compliant or there will be consequences in the event of a breach. For Visa, the liability shift won't occur until Oct 1, 2017.
Technically speaking, ATM providers and acquirers are not being forced to migrate to EMV. However, the prospect of being held financially responsible for an ATM breach is pretty strong motivation to make the switch. A simple cost-benefit analysis should make the transition a no-brainer for most banks but the expense will be considerable. Consider that there are more than 400K bank and independently owned ATMs in the US and the average cost to upgrade is $3K to $4K, according to Vantiv.
The bigger question for many banks is when to make the switch. Some have already bounded out of bed to make the transition, while others have been content to snooze a little longer. For those banks in the latter category, a wake-up call may be in order. EMV migration for ATMs can be a 9-to-12-month project from start to finish, according to a recent white paper by the EMV Migration Forum, so banks need to get started.
When it comes to making significant technological changes, there are ample benefits to starting early. If you haven't already begun transitioning your ATMs to be EMV compliant, we urge you to throw off the covers and get going. When it comes to protecting customers and your own institution from risk, hitting the snooze button puts everyone at a disadvantage.