Ingenico Exec on 2015: Fewer Breaches, Missed EMV Deadlines

2014 was an eventful year for the payments industry. Apple Pay launched, bringing legitimacy to NFC and much attention to mobile POS.  

There were more security breaches—and new steps taken by merchants to protect shoppers’ information and identities.  And we started the countdown to the October 2015 EMV liability shift. If those examples are any indication (and we think they are), 2015 is poised to be the most exciting time in payments to date.

Here are the top five trends and predictions that we think will be the most important in 2015:

Point-to-point encryption (P2PE) will likely be adopted by virtually all Tier One and Two merchants. Also known as end-to-end encryption (E2EE), P2PE encrypts card data from the entry point of a merchant's point-of-sale (POS) device to a point of secure decryption outside the merchant's environment, such as a payment processor. The PCI Council recommends P2PE for all merchants, and like tokenization, it is of keen interest among merchants right now in light of recent breaches. It is also important to note that P2PE and EMV are complimentary.

Many Tier One and Two merchants will prepare for the Oct 2015 EMV liability shift with a shortcut approach called “semi-integrated.”Many merchants are linking their EMV and P2PE planning, and taking an approach Ingenico calls semi-integrated. That approach aims to take the whole merchant environment out of PCI scope and solve the EMV piece at the same time with a seamless payments system that covers both PCI and EMV compliance.

That said, many Tier Three and Four merchants will be unprepared for the Oct. 2015 EMV liability shift, period. While Ingenico sees Tier One and Two merchants diligently working toward preparing for the Oct 2015 EMV liability shift, it sees less interest from Tier Three and Four merchants. Ingenico predicts that over half of Tier Three and Four merchants will not have implemented EMV payment processing by the deadline.

There will be a lot of heated discussion around who owns consumer (shopper) data. In a mobile wallet world, retailers often no longer receive details on who is purchasing and what they are buying. Ingenico expects a lot of heated discussion on this issue in 2015, and further predicts that merchants will implement solutions such as iBeacon that will help them keep following their consumer base and better understand/track who’s shopping in their stores.

There will be fewer merchant breaches in the latter half of the year, as merchants come up to speed on EMV. Multiple studies (see here for an example) have shown that EMV helps decrease credit card fraud. In fact, in regions where EMV is implemented, there is always a noticeable migration of fraud away from that area and into others that do not use EMV, as well as increases in online fraud.  

Thierry Denis is president of Ingenico Group in North America