SAN FRANCISCO – Smaller merchants may miss Visa Inc.’s first deadline for chip-card acceptance by as much as two years, though larger merchants should meet that deadline easily.
Merchants that handle 75% of their annual Visa transactions as of October 2012 through chip-accepting terminals will not have to validate their compliance against the Payment Card Industry data security standard, Visa said Aug. 9. They still will be required to adhere to the standard, which describes how companies must protect payment data.
Visa says it hopes to accelerate the U.S. migration to the EMV Integrated Circuit Card Specifications to support more secure payments worldwide and ready the U.S. marketplace for the arrival of Near Field Communication-based mobile payment technology.
American Banker, an affiliate of Credit Union Journal, reported that the nation's largest merchants already are "mostly poised" to upgrade and replace payment terminals to accept contact and contactless EMV cards at the point of sale, says Randy Vanderhoof, executive director of Smart Card Alliance of Princeton Junction, N.J.
"It won't be a big deal for large merchants by next year to ensure that most of their terminals can accept [contact and] contactless payment because the majority are already equipped for it or are moving in that direction," Vanderhoof says. "But smaller merchants more likely will wait to upgrade to contactless until the time they would ordinarily replace terminals."
By October 2015, merchants' acquirers could be made liable for fraudulent transactions on chip cards if merchants do not have the proper readers in place, Visa said. Currently, issuers are liable. Fuel-selling merchants will have until October 2017 before the liability shift affects them.
The date Visa set for its liability shift "is quite aggressive, given the size and diversity of the U.S. market," Vanderhoof told American Banker. "As with any large group, it's almost inevitable that some large merchants will underestimate the potentially huge task of changing all their back-end systems to be EMV-ready."
