How banks can navigate a post-EMV chip environment
The next time you look at the chip on your debit or credit card, consider this: We will soon mark the three-year anniversary of the EMV liability shift for point-of-sale transactions in the U.S. The U.S. was the last major market to switch to EMV, a technology that has transformed the payment process for retail organizations; financial institutions; and perhaps most importantly, consumers.
The long-stated goal of EMV is to reduce counterfeit and lost/stolen payment card fraud. While the U.S. arrived late to the EMV party, perhaps it was fashionably late: Significant progress has been made toward this goal. Visa announced at the end of 2017 that counterfeit fraud dollars had dropped 40 percent in September 2017 compared to December 2015 for merchants who had completed the chip upgrade. From a high-level perspective, EMV is accomplishing what it was designed to do.
Despite the early pushback, it seems most of us have already accepted and grown accustomed to EMV technology. According to EMVCo, 58.5 percent of issued cards in the U.S. had adopted EMV as of the fourth quarter of 2017. The U.S. still lags behind Europe and other countries in terms of adoption, but consumers once confused and frustrated about the transition now insert their cards instead of swiping without a second thought. (Remarkably, some businesses still only accept swiped cards, alarming given the fallout from the Target breach of 2013 that hit 41 million customers.)
Though EMV implementation at the point of sale has succeeded from many perspectives, the initial rollout marked only half the battle. Today’s post-EMV environment poses often unanticipated challenges that can pose difficulties to navigate for banks.
A post-EMV environment: From hoops to headaches
Many banks assumed that once they cleared the initial hoops of EMV compliance, the dust would settle and operations would return to status quo. But three years out from the deadline, banks now realize that living with EMV calls for accepting a new normal.
Once banks go live with EMV, they must continually test their applications and processing scenarios to ensure transactions remain reliable and secure. They must also pursue ongoing certification requirements to maintain their EMV programs. These additional steps and considerations add significant time, resources and oftentimes headaches for banks as they cope with this new reality.
Meanwhile, many banks are just coming to grips with the need for separate, different certifications for EMV contactless cards. After significant success in major markets such as Australia and the U.K., contactless cards are starting to surface in the U.S., quickly rising in popularity.
MasterCard data indicates that nearly 800,000 merchant locations here are contactless enabled—with an 80 percent growth in contactless transactions year-over-year as of Q4 2017. If other countries’ previous progress in payments indicates what will happen, this demand will see a rapid increase.
Besides maintaining EMV certifications for contact cards, issuers and acquirers of contactless cards will begin to deal with different processes and requirements. Organizations must recognize the need to upgrade testing capabilities to manage these unique technologies and the requirements that come with them. Without the necessary resources in place, banks may fail to meet the ever-changing expectations of their consumers—and risk falling behind.
Easing the burden, passing the test
As financial institutions attempt to adjust in this new landscape, a few steps can ease the pain. Certainly, banks cannot control compliance deadlines and certifications. But they can control which technologies they deploy and which systems they utilize to manage the quickening pace of change.
Though payments technology has seen rapid progression for years now, too many banks still rely on dated, decades-old testing systems. This reliance on manual processes or legacy tools often results in slow delivery cycles, limited test coverage and overall poor results. These issues, exacerbated in the EMV environment we operate in today, keep testing and certification systems in overdrive to keep up with new requirements.
An advanced testing strategy that leverages automation and virtualization can reduce the time required to conduct tedious, manual processes and allow testers to run a wider range of tests more quickly—while also boosting code coverage and accuracy. Moving testing to the cloud results in a more agile, efficient and collaborative approach than anything legacy systems can achieve. Next-generation testing solutions add up to increased speed and operational efficiency: making it easier to compete in today’s marketplace.
To be sure, EMV has proven exasperating for many banks. But we must remember that EMV’s overall purpose is to reduce fraud and offer better protection for banks and consumers alike. Financial institutions by and large can grasp that while EMV is here to stay, many new, exciting technologies are sure to follow.
The pace of change will only accelerate. To effectively navigate this post-EMV environment, banks must adopt a new mindset in terms of testing and certification. Beyond the obvious tests, a broader one awaits in the banking marketplace. Passing that test, much like the EMV chip itself, represents progress.
Want more Banking Strategies? Sign up for our free newsletter!
For more insights, check out the podcast: How banks will win customers in a “do it for me” payments world.