U.S. banks and other companies may already be closer to EMV compliance than they realize, says Mansour Karimzadeh, managing director and chief technology officer of payment consultant and technology company SCIL.
"If you're doing authorization on mag stripe you have the system in place, you just need to plug in EMV for authorization," Karimzadeh said in an interview at the Cartes America conference this week in Las Vegas. "It can be done with minimum effort and is quick to market."
SCIL, which has offices in Ontario and New York, this week debuted its QuickStart EMV platform, which provides a series of plug-in modules that allow parts of a payment or card issuing system to upgrade to EMV without requiring a full replacement of legacy systems.
"Nobody will change a whole system to make it EMV compliant," Karimzadeh says.
The components include data preparation, key management, EMV simulators, card production, risk management, card management, script management and transaction authorization. SCIL acts as a reseller, and the plug-ins are designed to reduce the migration to a few weeks, as opposed to months.
"For data analysis and fraud prevention, for example, you just add in additional processing capabilities," Karimzadeh says.
Other companies also offer components that allow merchants to upgrade to EMV while maintaining their existing technology. For example, VeriFone allows gas stations add new payment hardware without replacing the whole pump, and then sell advertising on video screens to offset the cost of the upgrade.
"One of the big issues with EMV that's putting the brakes on is the massive investment in infrastructure that has been made, and this existing infrastructure doesn't take EMV cards," says John Bycroft, an executive vice president at London-based Insider Technologies, which uses SCIL to resell its Sentra security and fraud management system in the U.S.
Sentra uses social network tracking, sentiment analysis and other data to spot vulnerabilities that may not be protected by EMV, such as the exploit used in the recent Target data breach.
"Sentra can spot a trend in social media, or something like a quick uptick in the use of credit cards to buy gift cards, a sign of fraud, and allow a bank to get on top of something such as a data breach quickly," he says.
There are also individual use cases. "If your card gets turned down when you're traveling, people generally go onto Facebook and complain about that," he says. "Sentra can spot that."