What is EMV? What is PCI? Why does it matter to my business?

avery-evans-RJQE64NmC_o-unsplash

As consumers move away from cash, and card payments take the lead, the safety of financial data is a big concern. Businesses have to actively work toward creating an environment for their customers to spend their money safely, and getting EMV and PCI certifications from card companies is one of the most important ways to do that.

EMV stands for Europay, Mastercard, and Visa; the three founders of the technology. It is the new world-wide standard for credit and debit card security via chip technology. The biggest card providers in the world put this new security measure in place around 2015 by to protect businesses and consumers from data breaches and card fraud. Older cards use magnetic stripes to store data, and were easy to duplicate and steal.

Counterfeit cards were a huge issue with this technology since it meant that criminals could duplicate a card as many times as they wanted. Implementing EMV measures has decreased the likelihood of these fraudulent activities in all countries that have adopted the technology. Canada and Europe have already adopted this safety measure. Many U.S based payment systems with older technology are not acceptable by the standards in these countries.

What does EMV certified mean?

Man entering his PIN into an EMV certified payment terminal.

Most credit or debit cards in Canada have a small chip embedded in them. That chip is what prevents card information from being cloned and used fraudulently. One set of information was encoded onto magnetic stripes to be used in every transaction; chip technology is different in that it generates a new ‘code’ for every transaction.

If a thief get access to your card’s transaction code during a purchase, they won’t be able to duplicate it because the specific code for that transaction won’t work again. Processing transactions this way has significantly reduced the in-person credit card fraud. The addition of a PIN for chip transactions allows for increased security should a card get stolen or lost. Only the cardholder knows that unique identifier and the card cannot be used without inputting it first.

It’s important to understand what this means to you as a business owner. EMV compliance means that the liability for fraud shifts to the merchants that haven’t switched over to EMV technology. Before EMV, banks and card companies used to be liable for any fraudulent card usage when magnetic stripes were the standard. However, now that the technology to protect consumers is there, any store without EMV will be liable for fraudulent transactions at their business. Even though changing over to EMV compliant payment terminals is a large and costly change, the security provided by this shift is worth the investment. The Canadian government set the deadline for this change for October 14, 2020. All attended merchants have to have EMV certified payment terminals by that date. However, all unattended merchants will have until October 14, 2022 to make the switch.

To learn more about EMV Certification in Canada, go to EMV Canada.

What is PCI compliance?

PCI is the shortened version of PCI DSS which stands for Payment Card Industry Data Security Standards. Card companies require this standard to ensure the safety of transactions.  In other words, being compliant to PCI standards means following the guidelines set forth by the PCI Standards Council. The six main requirements are: maintaining a secure network and system, protecting cardholder data, maintaining a vulnerability management program, having strong access control measures, regularly monitoring and testing networks, and maintaining an information security policy. If a business doesn’t follow these standards, they are more likely to be targets for data breaches and theft.

To learn more about PCI Compliance, go to PCI Compliance Guide.

Follow these standards and regulations to protect your business and your customers from theft and fraud.

These regulations are why all of Wiz-Tec’s Payment Solutions are both EMV certified and PCI compliant.

Share this post

Share on facebook
Facebook
Share on linkedin
LinkedIn
Share on print
Print
Share on email
Email

Leave a Comment