EMV Frequently Asked Questions
What is EMV?
EMV is a more secure method of taking card present transactions for credit and debit cards. This is why most card issuers have replaced cards with only a magnetic strip to those with a chip embedded into the card. In addition to the microchip technology, EMV transactions can also be taken using contactless (NFC- Near Field Communication) payments from both cards and mobile devices. EMV gets its name from the original developers of the technology- Europay, MasterCard, Visa.
What makes EMV more secure?
When you process a transaction with EMV technology, a one-time cryptogram is created with EMV data and sent to the customer’s issuing bank. That bank replies with its own one-time cryptogram when the transaction is approved. Because the cryptogram changes with every transaction, creating duplicate counterfeit cards is virtually impossible.
What does EMV have to do with me?
If you take transactions when the customer’s card is present, on October 1, 2015, rules were implemented which shifts liability for some fraudulent transactions onto the merchant if EMV is not used. While this deadline does not mean you can no longer accept cards with a magnetic stripe, it does mean that there is an increased risk of charge backs for cards with chips. Higher ticket and higher risk retail and restaurant merchants should be the most concerned about upgrading to an EMV reader.
If you only take payments online, by phone, or by mail then the implementation of EMV technology will not have an effect on your business, because you do not take “Card Present” transactions.
Does EMV apply to me if I ONLY take payments online, by phone or by mail?
No. EMV technology and the new liability standards only apply to transactions when the card is present when you process the payment.
Does a customer always have to enter in a PIN when processing a payment with EMV?
When you run a payment, using EMV technology the terminal will prompt for either a PIN or a signature, depending on the which verification method the issuer of the customer’s card requests.
When will I (the merchant) be held liable for fraudulent transactions?
For specific advice on chargeback risk, merchants should contact their merchant service provider. In as a general guide, after October 1, 2015 the party who has not yet adopted EMV technology (merchant or issuer) will usually be held liable for the transaction. The chart below will also give a general idea of liability some situations, but again this should only be used as a general guide and your merchant service provider should be able to answer specific questions regarding your account.
Please Note: This is only for transactions where the card is present.
What if the card the customer presents me for payment does not have a chip?
The card should still have the magnetic strip, so you can swipe the card to take payment. If a fraudulent transaction is reported, you will not be held liable.
What if a customer presents a card with a chip and I am not set up to take EMV transactions yet?
The card should still have the magnetic strip, so you can swipe the card to take payment. Be aware, if a fraudulent transaction is reported, you will be held liable for the loss.
Am I REQUIRED to switch over to EMV technology?
Merchants are not required to switch over to EMV, but for merchants who take “Card Present” transactions, we strongly recommend that you become EMV capable. Not only is it more secure, but you could start receiving an increased number of charge backs if you do not switch, because of the liability shift which took place on October 1, 2015 see the 'What does EMV have to do with me?' section above.
Are there any costs associated with switching over to EMV?
Usually the only cost associated with upgrading to EMV (as it pertains to the gateway) is the cost of the equipment. For more information about your specific account, contact the company who set you up with your USAePay account for questions regarding billing. If you do not know who set you up or you have an in-house account, you can contact our customer support department at 866-872-3729 ext. 490 and we will redirect you.
What do I need to be able to take EMV transactions with USAePay?
You will need the following:
- EMV compatible card reader w/ USAePay encryption key
- EMV supported solution: USAePay iOS App, USAePay Android App, Virtual Terminal, or 3rd Party Point-of-Sale (Contact your merchant service provider to see if your point-of-sale is supported).
- USAePay EMV Supported Processor
Can I process EMV transactions through: the Virtual Terminal, my mobile application or 3rd party point-of-sale?
- Virtual Terminal: Yes. As long as your processor is EMV ready through USAePay and you have a EMV compatible card reader with a USAePay encryption key.
- Mobile Application: Yes. As long as your processor is EMV ready through USAePay, you have a EMV compatible card reader with a USAePay encryption key, and you are processing through an iOS/Apple or Android device.
- 3rd Party Point-of-Sale: Yes. As long as your processor is EMV ready through USAePay, the point-of-sale is compatible with USAePay, and the point-of sale provider is EMV ready.
Which processors are EMV ready at this time?
Global, FDMS, First Data Rapid Connect, EPX and TSYS. We are working towards becoming EMV ready with our other platform partners, and this will be updated as they become available.
How do I know which processor I’m currently using?
Contact your merchant service provider. If you do not know who your merchant service provider is and you currently have an account with USAePay, you can contact our customer support department at 866-872-3729 ext. 490.
What EMV card readers are compatible with USAePay?
For a full list of EMV compatible devices and processors, please click here.
How do I order an EMV card reader and how much does it cost?
For this information, contact the company who set you up with your USAePay account. If you do not know who set you up, you have an in-house account, or you want to set up a new account with USAePay, contact our customer support department at 866-872-3729 ext. 490 and we will assist you in contacting the right party.
Do the card readers support swiped payments, chip payments (dip), pin debit, and contactless (tap) payments?
Yes. Both the Ingenico ICMP and the Castles MP200/MP200L support magnetic swipe payments, chip payments, pin debit payments, contactless card (Near Field Communication-NFC) payments, AND contactless mobile payments.
I have a compatible EMV card reader from a previous company or I bought one online from another company, can I use this card reader to take payments with USAePay?
Unfortunately, no. The reader does need to be encrypted with USAePay's encryption key and loaded with USAePay's middleware, so you will need to purchase it through the company who set you up with your USAePay account.
Do I need to update my software to process EMV payments?
- If you are using the mobile application, make sure you have the most recent version of the application downloaded. You can find the newest version of the iOS application here and the newest version of the Android application here.
- If you are using the Virtual Terminal, you will need to process EMV payments through version 2 of the merchant console. To make sure you have access to this version, contact the company who set you up with your USAePay account.
- If you are using a 3rd Party Point-of-Sale, then check with the point-of-sale provider to see if there are any updates required on their end AND contact the company who set you up with your USAePay account to be sure your parameters have been updated to process EMV payments.
- If you do not know who set you up, you have an in-house account, or you want to set up a new account with USAePay, contact our customer support department at 866-872-3729 ext. 490 and we will assist you in contacting the right party.
I am a developer, can I add EMV to my mobile application or desktop solution?
- Mobile Application- Yes. You can add EMV support to applications by using our middleware SDK. For more information on the middleware SDK for iOS click here and for Android click here.
- Desktop Solution-Yes. The desktop solution is a REST API that can be used by any application including web browser, windows, and unix based point of sale systems. For more information on how to add EMV to your desktop solution, click here.