Card Not Present

We use IVR for all our credit card transactions. How will EMV change this?

Posted On: March 21st 2011

Will not change at all. You can even make it more secure with Chip by implementing additional authentication methods like CAP (2 factor authentication)
Source: Collis

At first, it won't change anything.
Source: Canadian Tire Financial Services

Completely. The card will need to be present and interacting with a chip-enabled terminal or you will be engaging in a card-not-present transaction with all the fraud liability risks that go with it.
Source: Ombudsman for Banking Services Financial Investments

We hear that there is no technology that eliminates the card-not-present fraud, so why should we spend money to convert to EMV, because much of our business is card-not-present?

Posted On: March 21st 2011

One of the biggest advantages of EMV that is allows for multi-factor authentication in CNP situation. This means that you can add various authentication methods using your card. 3D secure is an example of additional security in CNP environment. Furthermore, using the Chip for authentication also simplifies the whole CNP transaction experience for the used (use a CAP/DPA reader for example)
Source: Collis

There is a feature available for chip cards that allow customers to prove that the card is present and that they know their PIN. This is done using a handheld 'Chip Authentication Program' or CAP reader. At this time, the North American market is nowhere near being able to release this however, this technology can help to prove that the card is present and the customer is authenticated.
Source: Canadian Tire Financial Services

It is true that even with successes of EMV deployment in reducing CP (card-present) fraud, migration to card-not-present (CNP) transactions has developed. Advances in security technologies help prevent CNP fraud when these are properly used here is the US and globally. Combined with EMV, they can be even a more effective means of reducing CNP fraud.
Source: Inside Secure

Fair point. EMV is not suited to this challenge. There are likely processes and services available that can help address card-not-present fraud. Speak to your acquirer about them. Note that as chip cards are deployed and limit current popular modes of fraud attack, you can expect a dramatic increase in card-not-present fraud.
Source: Ombudsman for Banking Services Financial Investments

How will we process card-not-present transactions and who will be liable for the fraud?

Posted On: March 21st 2011

The processing of CNP transactions is no different with EMV than with Magstripe cards. Card not Present states that the card is not there, so this has not much to do with EMV? Liability for fraud In CNP environment depends on the liability shift that is empowered.
Source: Collis

Card-not-present transactions do not really change with the adoption of chip technology into the market. Liability stays the same as today.
Source: Canadian Tire Financial Services

That will depend on the card scheme rules in your jurisdiction. But I predict that you (the merchant) will be liable for the fraud.
Source: Ombudsman for Banking Services Financial Investments

How do I process telephone orders?

Posted On: March 21st 2011

Same as with Magstripe
Source: Collis

In the same way you do today in the mag world.
Source: Canadian Tire Financial Services

Until customers have their own chip terminals deployed in a secure environment (phones, computers, etc.), you will likely not be able to reap the benefits of EMV. Liability for fraud will depend on the card scheme rules in your jurisdiction. Check with your acquirer and your scheme rules. But I predict that you (the merchant) will find yourself liable for the fraud in a telephone order environment.
Source: Ombudsman for Banking Services Financial Investments

What impact will chip cards have on my online business?

Posted On: March 21st 2011

Nothing if you do not implement online security programs like 3-D secure and/or multi-factor authentication. If you are a merchant and you do want to make use of multifactor authentication than you need to get a plug-in on your web checkout.
Source: Collis

None at first, in the future, you will be able to leverage chip technology as a tool to further secure and add features to your website, however, the market still has a lot of work to do before we get there.
Source: Canadian Tire Financial Services

Until customers have their own chip terminals deployed in a secure environment (computers, PDAs, etc.), you will likely not be able to reap the benefits of EMV. Liability for fraud will depend on the card scheme rules in your jurisdiction. Check with your acquirer and your scheme rules. But I predict that you (the merchant) will find yourself liable for the fraud in an on-line order environment. I suggest you look into services like Verified by Visa that provide added protection for on-line merchants. I see this used for high-value purchases in Canada like airline tickets and event tickets.
Source: Ombudsman for Banking Services Financial Investments