EMV: Retail's $35 Billion "Money Pit"
October 1, 2015 will usher into US Retail the single biggest tax being levied upon it since Y2K. This is the date of the liability shift due the the EMV Mandate set by the card brands. On this date liability for fraudulent card card transactions shifts from the bank to the portion of the payment process that is not EMV compliant.
Various estimates quoted by the NRF, NACS and other industry associations estimate the total cost to the industry of over $35b when factoring in the cost of new equipment, new software for POS and payment devices, certification, installation, training, and 1.2 Billion new chip cards in the US. Yet even this number is small compared to the additional labor costs and customer service disruptions that will occur just before the holidays.
EMV is a technology that is trying to solve a problem of 15 years ago. And it was 13 years ago when Europe implemented the security measures. But things have changed since then and EMV is taking massive amounts of budget away from real security for retailers to meet this deadline.
This report looks at the costs for retailers, the costs for vendors per POS application, and the impact on the performance of the front end of retailers along with recommendations for retailers and how vendors can best advise their clients.
There is a small subset of retailers that will benefit from EMV adoption, however, for the vast majority of retailers that are not on the front lines of the card fraud today, this mandate is a huge “money pit” that they will never recover the losses from, making it a giant tax. In fact, beyond the tax the mandate actually slows retail's progress towards it's primary goals of secure, unified commerce that provides a seamless customer experience for their consumers regardless of how they choose to shop.
This report reviews the entire card payment process and the mystery around the processing of credit cards and debit cards; “Where there's mystery there's margin.” Further, we review the PCI process and provide insight into the numerous data breaches of the last 2 years. What caused them? Why is PCI only done as an event and not a process (hint: overwhelming cost)?
Next we explain what EMV is, why it is different in the US than the rest of the world and why we believe it will be a disaster when rolled out in October for most of retail.
Then we look at the readiness of the different stakeholders in the process and the great disconnect between what people expect the impact on transaction speed is and what the reality is. (It ain't pretty).
After this we talk about how EMV is only part of a security solution and really the least important for where retailers want to go and then recommend a better way.
We end with recommendations for retailers, vendors, and consultancies as to how to approach EMV.
Format: SlideDoc - Can be read as document or used as presentation format.
Current Readiness of Retailers
Source: Retail 2018 - IHL/RIS News Store Systems Study