This Insights was contributed by Richard Pasquantonio, CPA/CFF, CFE, CDFA (NC License Number 33577), an associate at Adam Shay CPA, PLLC.
We have all heard the phrase “Let the buyer beware.” A parent, grandparent or trusted confidant probably shared this relevant advice as you searched for your first used car or starter home. “Let the buyer beware” is good advice that has been around for a long time. The phrase comes from the Latin, Caveat Emptor, and arises from information asymmetry, where the buyer typically has less information about the good or service they are purchasing, while the seller has more information.
However, if you are a retailer or service provider that accepts credit card payments and have not adopted the technology to process the "new" credit card technology that uses the Europay, MasterCard or Visa (EMV) chip, then you may be liable for any payment frauds that occur as a result. SELLER BEWARE! However, it is worth noting that many equipment providers and payment processors are delayed and currently accepting liability as long as specific criteria to that provider or processors is met. Let me briefly explain the change in technology.
Until the introduction of EMV, all face-to-face credit or debit card transactions used a magnetic stripe to read and record account data, and a signature for verification. Under that system, the customer presents his or her card to the clerk, who “swipes” the card through a magnetic reader. The system then verifies account details and prints a slip for the customer to sign. Next, the clerk verifies that the customer's signature matches that on the back of the card to authenticate the transaction.
The data on the magnetic stripes of old cards contains all of the information that a potential fraudster needs to convert your card’s data to cold hard cash. In contrast, each EMV card transaction produces a distinctive transaction code that can never be used again. This unique code makes it much more difficult for fraudsters to convert stolen data into cash. Now back to our retail and service providers.
Typically, when a counterfeit or stolen card is used to make an in-store purchase, the legitimate card holder’s loss from that transaction is shared by the payment processor or the bank. According to the website CreditCards.com, after an Oct. 1, 2015 deadline created by major U.S. credit card issuers MasterCard, Visa, Discover and American Express, the liability for card-present fraud will shift to whichever party is the least EMV-compliant in a fraudulent transaction. This requires merchants to invest capital into new in-store technology, new processing systems and training.
The major credit card issuers each have published detailed schedules about the upcoming shift in liability. The change is intended to help bring the entire payment industry on board with EMV by encouraging compliance to avoid liability costs. CreditCards.com has an EMV Dates Chart-Card Networks Chart prepared by Verifone Systems Inc. that provides a summary of the major credit card companies’ policy.
As a result of the these policy changes, businesses that accept credit and debit card payments and are not EMV compliant may have much higher exposure to liability in the event of a large data breach. Retailers and service providers who have not invested in the new EMV readers should consider doing so or contacting their legal counsel and insurance providers to assist in assessing the risks.
My goal today was to help businesses understand the liability for fraudulent purchases that they are exposed to if they failed to become EMV compliant since the October 1, 2015 deadline.
Richard Pasquantonio, CPA/CFF, CFE, CDFA (NC License Number 33577), is an associate at Adam Shay CPA, PLLC. He focuses on forensic accounting, fraud prevention and detection, and tax controversy resolution. Richard is also an AICPA CFF Champion. The purpose of the CFF Champion program is to inform the professional community about the vital role of forensic accounting professionals, the knowledge required to become a CFF, and the benefits of the CFF credential. For more information, visit http://www.wilmingtontaxesandaccounting.com/ or email him at [email protected]. He can also be reached by phone at 910-256-3456.
Adam Shay, CPA (NC License Number 35961), MBA, is managing partner of Adam Shay CPA, PLLC. He focuses on minimizing taxes and improving the financial results of entrepreneurs, and is actively involved in supporting the Wilmington entrepreneurial and startup community. For more information, visit http://www.wilmingtontaxesandaccounting.com/ or email him at [email protected]. He can also be reached by phone at 910-256-3456.
Christina Haley O'Neal - Sep 24, 2018
Johanna Cano - Sep 24, 2018
Cece Nunn - Sep 24, 2018
WordCamp Wilmington was among the events canceled because of Hurricane Florence....
Images from the area ahead of and in the aftermath of Hurricane Florence....
Wilmington-based Marpac is crashing further into the sleep industry with a line of products to help people get shut eye....