Posted on Wed, Jul. 25, 2012
last updated: July 31, 2012 06:25:02 PM
At a bustling H&M clothing store in Torontos chic downtown area, Canadian shoppers rack up purchases on their debit and credit cards, unaware that theyre getting a level of protection that U.S. consumers lack.
Canadian consumers are issued credit and debit cards that have embedded chip technology, shorthanded as EMV, which provides them a greater layer of security. The chips make it difficult for criminal rings to fabricate counterfeit cards or traffic in stolen cards.
Theres no question that chip-and-PIN is a much safer technology than signature-based cards, which are a lot easier to replicate, said Diane Brisebois, the president and CEO of the Retail Council of Canada, the national trade group for retailers.
Canadas consumer protection is all the more striking given that the United States generated about 27 percent of payment-card purchases yet accounted for 47 percent of global payment-card fraud, the industry newsletter The Nilson Report said last November.
Why is fraud in the United States, which amounted to more than $3.56 billion in losses in 2010, so high? The report and retailers point to the relatively sparse use of the EMV technology, named for the big companies Europay, MasterCard and Visa.
EMVs embedded chips foil counterfeiters because the chips transmit different unique numbers to the payment processors each time the cards are used rather than customers name and signatures. In Canada, the chips are paired with personal identification numbers to add another level of security
The chip cards also arent as exposed to data breaches since names arent transmitted and thus arent in the pool of data that computer hackers often seek. Armed with names and card numbers, organized crime rings can create counterfeit credit and debit cards for use anywhere in the world.
When Americans travel to Toronto or other Canadian cities, their cards still work. But Canadian retailers, whose swipe machines generally accept both chips and signatures, are put at greater risk for fraud and losses.
We still have to accept signature-based cards, so our risk is as great on those transactions, but theyre not the majority of our transactions, Brisebois said.
However, when Canadians travel to U.S. cities, such as the New York border hub of Buffalo, they often cant use their cards, especially debit cards, because of the antiquated card readers that many U.S. merchants use.
We cant take them. They have to use cash, said Nicole Wawrzyniak, the manager of Beauty Plus Salon, a shop in Buffalos high-end Walden Galleria Mall. Some of them get angry, but it is what it is.
Canadian merchants were required to shift to the new card readers about two years ago, although the technology was pioneered in Europe, where chip-embedded cards have been the norm for more than a decade.
Some U.S. banks have issued the high-tech cards to wealthy customers who are likely to travel to Europe for business or pleasure, but they arent commonplace. Most Americans use cards whose only verification is a signature, which merchants often never check.
What weve had for a number of years is a flawed card system in this country, and as a consequence of this consumers and merchants are frankly less secure in using cards here than they are in other parts of the world, said Mallory Duncan, a senior vice president for the National Retail Federation in Washington.
The U.S. trade group has pushed for greater adoption of EMV technology, in part because merchants traditionally have borne much of the cost of fraud. The group alleges that Americans dont enjoy the same level of protection as Canadians because banks can stick the losses to someone else.
Banks found ways to pass on fraud costs to merchants. . . . As long as you can cause somebody else to pay for the fraud losses, there is less incentive for finding alternatives, Duncan said.
Credit card companies dispute that, arguing that merchants have balked at the cost of switching to the new technology, which requires new machinery at the checkout counter and expensive software.
We have been constantly looking at incentives to adopt the EMV chips, said Stephanie Ericksen, who heads Visas office in charge of products that authenticate that card users are who they say they are.
Production costs also are coming down, falling from $3 to $5 per chip card to a dollar or less.
Thats a huge price difference, said Ericksen, who added that the point-of-sale chip-accepting machines also were cheaper now and that it had become much more cost effective. The price points have really come down.
Visa began an aggressive push last year for EMV chip-enabled cards, boasting more than a million in circulation at the end of 2011. The card company has told merchants they have until 2015 to switch to card-reading machines that recognize the embedded-chip cards.
As an incentive for adopting the technology, Visa is waiving certain annual certification of compliance with data security standards if more than 75 percent of a merchants Visa transactions originate on terminals that are capable of handling chip cards.
Thats the carrot, but theres also a stick: As of Oct. 1, 2015, merchants that have stuck with the old signature-based credit cards will incur complete liability for any fraud. The liability shift will be delayed to Oct. 1, 2017, for merchants who sell fuel.
It all means that within five years, the entire burden for losses from stolen or counterfeit cards will shift to merchants, unless they embrace the new technology. They fear theyll bear the cost in any event.
If youre expecting us to install equipment, whats the quid pro quo? Thats part of the negotiation thats going to be going on now, said Duncan, of the National Retail Federation . If everyone benefits from fraud reduction, then the savings should be shared.
Asked whether the reduced fraud has meant shared savings, Brisebois, the head of Canadian retailers group, laughed.
No, its not shared. The retailer pays for it, she said, noting that merchants arent enjoying lower fees or other benefits. The less fraud, more savings for everybody has not materialized.
Email: email@example.com; Twitter: @KevinGHall