Merchants are expressing concern about the U.S. transition to EMV-chip payment cards because of what they view as technical challenges and industry politics.
"Eventually, this technology will be broken [by fraudsters], and you have to ask if there is any value in going into a process like this," said John Gapinski, president of Secured Retail Networks, at the annual Ramp Mobile Retail Services Conference. "If I was a merchant, I wouldn't do it."
At the same conference, which took place in April, Dee O'Malley, senior director of payment acceptance for Best Buy Co. Inc., said the EMV switch in the U.S. has numerous problems, such the division among issuers over whether to support the use of a PIN with EMV cards as added security.
From the beginning, few expected a smooth transition as the entire U.S. converted from magnetic-stripe technology to the EMV standard common in other countries.
For one thing, debate is continuing here over a common code, or application identifier, for routing debit transactions and providing merchants a choice of networks as mandated by the Durbin amendment.
"The common debit code is taking up so much bandwidth and attention that many in the industry are not looking past that to ask what's next with EMV migration," says Randy Vanderhoof, executive director of the Smart Card Alliance.
For more than a year, EMV discussions have addressed the common code as a dilemma unique to the U.S. Other countries using the EMV standard have just a single debit network, thus obviating the need for codes for multiple networks or federal mandates about merchant routing choices.
Earlier this year, Visa, MasterCard and Discover each offered their own technologies as to route all EMV debit transactions. After comparing the options, the Secure Remote Payments Council, representing independent PIN debit networks, chose Discover's approach to establish an independent and open network.
Visa continues to offer its technology as a multi-access option that has been expanded to include PIN, contactless, Near Field Communication mobile and no-CVM transactions.
Still, there is no definitive agreement to allow a single application code on the EMV debit cards and terminals, meaning merchants and issuers could possibly find themselves dealing with at least three codes on EMV cards.
"Fewer [codes] is better because it is more streamlined, more right-sized," says Carolyn Balfany, MasterCard's senior vice president and group head of U.S. product delivery.
No one in the payments industry wants to complicate the issue, Balfany says. "Durbin introduced a level of complexity already, and that's when MasterCard opened its technology for use."
Despite an apparent stalemate with the card brands and independent networks regarding a common code, Balfany says recent collaboration between members of debit committees at the EMV Migration Forum "has been terrific" in terms of coming to grips with the possibility of working with three codes and understanding what to do as differing transaction scenarios arise.
"We have three applications for routing transactions, with each of them being open to participation, so each entity will make choices and each issuer will make decisions on what to do," Balfany adds.
But Mark Horwedel, CEO of the Merchant Advisory Group, doesn't foresee merchants accepting any scenario beyond a single common debit code.
"If this is not resolved, you won't see many cards issued and not many terminals accepting EMV debit," Horwedel says. "I don't think the banks or merchants are happy with the three applications."
Even if the industry were to resolve the common-code issue, the EMV transition is wrought with concerns. Consternation has grown rapidly since the major card brands announced timelines in August 2011 for whether the merchant, processor or issuing banks would take liability for fraud based on who was or wasn't prepared for EMV acceptance.
Many merchants are seeking chip-and-PIN technology instead of chip-and-signature to take full advantage of EMV's security. They also want answers on how the networks plan to protect card-not-present transactions, if fraud moves online as it is driven away from EMV-protected terminals.
"Many of the merchants I talk to are wondering why they have to spend money for EMV upgrades to solve the issuers' fraud problems, but they are getting nothing in return when asking for PIN protection or card-not-present security," Horwedel says.
The cost of EMV conversion in the U.S. is significant because about 12 million terminals have to be upgraded at between $200 and $300 each, says Julie Conroy, senior analyst and fraud expert with Boston-based Aite Group.
At the same time, some describe EMV as 'old technology' because it was introduced in Europe in 1994. EMV's advanced age leaves merchants and issuers pondering what happen that could render EMV moot.
However, Thomas Lillelund of the CPI Card Group asserts that calling EMV old technology is akin to calling saying cars are old technology because they've had four wheels for more than a century.
"The technology around those four wheels has always been changing, and it is the same thing with EMV," Lillelund says. "Even though the EMV standard is 20 years old, the technology around it is very different."
An expanded version of this article is scheduled to appear in the July-August print issue of ISO&Agent magazine and on ISOandAgent.com.