It is absolutely astonishing how technology has changed the way we support ourselves and our loved ones. Access to money has been made simple and instantaneous thanks to a global infrastructure of ATM machines and credit card processing technology. I rarely carry cash in my wallet, because everything I need to purchase can be done by just swiping my debit card through a Point of Sale (PoS) system at a store or by purchasing items online. The convenience and simplicity of using a credit/debit card has led to hundreds of millions of transactions daily. With all of that data on the move, the question that lingers on the minds of many is data security.
In the last few years, cyber-crimes have skyrocketed. According to the 2014 US State of Cybercrime Survey, the FBI notified over 3,000 US businesses that they had been victims of cyber intrusions. Pricewaterhouse Cooper’s 2014 Global Economic Crime Survey also had some very eye opening statistics. According to the survey, 7% of US businesses lost $1 million or more and 19% lost $50,000 to $1 million. Compared to Global businesses, this was 5% higher for losses over $1 million and 11% higher for losses of $50,000 to $1 million. If that isn’t enough to indicate that the US has a data security problem, remember the data breaches of Target and Anthem that led to tens of millions of customer records being stolen. So what is the rest of the world doing that the US is not?
Many countries around the globe have adopted a new standard for credit/debit cards called Europay, MasterCard and Visa (EMV). EMV cards contain a microprocessor that does a better job securing information than a magnetic strip. As reported by American Express, Discover, JCB, MasterCard, UnionPay and Visa at Q4 in 2013 – EMV terminal adoption in Western Europe is at 99.9%, Canada at 84.7%, 71.4% in Asia Pacific and .03% in the US. The US is obviously behind the eight ball compared to the rest of the world, but that is going to change fast. EMV compliance is required for credit card acquirers and processors, though it’s not mandated for merchants and processors. But merchants who don’t meet compliance by October 2015 will assume liability for fraudulent purchases—a shift that is poised to drive many to adopt the new standards and avoid the risk.
So what impact will this have on US businesses? Businesses will have to review their point-of-sale systems, including in-store hardware and software. The transition could prove easier for small operations, which may be able to move to EMV by simply adding a new external pin pad. But the larger quick-serve chains will likely have to invest heavily as they look to upgrade thousands of terminals and systems. A small price to pay to keep my data and your data out of the wrong hands.