22
Quarter1
f e a t u r e
{
Is EMV Practical for a Restaurant?
At first glance, the financial value to a restaurant is questionable, as
one must consider the liability shift mandated by the card brands
and the volume of fraudulent cards that a small business receives
today versus the cost of installing an EMV-enabled terminal.
However, incidents of fraudulent cards being presented at small
business locations will increase as national chains move forward
with implementing EMV and criminals begin to seek out non-EMV
supporting businesses. Cardholders will eventually recognize the
security improvements offered by EMV, and will look to make
purchases from merchants with an EMV solution.
Restaurants will want to be viewed as a secure place to dine and
will be influenced by the growing awareness of their customers.
Additionally, EMV—specifically contactless EMV—brings NFC
acceptance with it, and marketing opportunities such as the ones
provided by Apple Pay, Softcard, Google or other mobile wallet
programs. Eventually, NFC might be a driving force along with
other point-of-touch technologies such as QR codes.
So, in the long run, the answer is yes—EMV will be practical and
beneficial for small merchants. Most new terminals being sold
today have an integrated EMV contact reader, so it will be simpler
for a merchant to start accepting EMV when it is time.
There are behavioral and operational issues to overcome at QSR
and fast casual concepts as well as casual and fine dining concepts.
QSRs and fast casual operations will need to re-engineer their
counter operations and, where applicable, their drive-through
outlets. Casual and fine dining establishments will have to assist
servers and customers to adjust to paying at the table.
Is EMV Secure?
EMV is secure. EMV’s payment security approach is based on
smartcard technology that adds dynamic security data to the
transaction stream, rendering replay of payment transactions
unpractical. Additionally, every card contains its own
microprocessor chip, making the cards nearly impossible to
economically counterfeit. Using EMV improves the security of
payment transactions in three areas:
•
Dynamic card authentication protects against counterfeit cards.
•
Cardholder verification using PIN authenticates the cardholder
and protects against acceptance of lost and stolen cards.
•
Transaction authorization using issuer-defined rules to authorize
transactions reduces the chance for transaction interception or
“man-in-the-middle” attacks.
EMV cards contain a secure integrated chip that is tamper resistant
and includes a variety of hardware and software capabilities that
immediately detect and react to tampering attempts, thus countering
possible attacks. However, EMV does not encrypt the cardholder
account number or other transaction information that hackers can
monetize, thus the need for additional security. Additionally, each
EMV card issued in the U.S. will still carry a magnetic stripe that
could be skimmed and used fraudulently.
Heartland Secure
Heartland SecureTM is a comprehensive card data security
solution that combines three powerful technologies, working in
unison, to provide merchants with the highest level of security
available to protect against card-present data fraud. Featuring the
only warranty of its kind in the payments industry, this exclusive
solution is designed to provide businesses with security against
point-of-sale (POS) intrusions, insider misuse, and other common
sources of data fraud, by eliminating the opportunity for criminals
to monetize card data.
Offered to Heartland customers for no extra
service fees, Heartland Secure combines:
•
EMV electronic chip card technology to authenticate that a
consumer’s card is genuine;
•
Heartland’s end-to-end encryption technology, which immediately
encrypts card data as it is entered so that no one else can read it; and
•
Tokenization technology, which replaces card data with “tokens”
that can be used for returns and repeat purchases, but are
unusable by outsiders and have no value.
How Do End-to-End Encryption and Tokenization Work with EMV?
End-to-end encryption encrypts the cardholder information,
making card data indiscernible as it enters the payment cycle. In
the event of firewalls or network security being breached, hackers
and criminals gain nothing of commercial value. Captured and
encrypted card data cannot be used to make counterfeit cards or
fraudulent phone/mail/online purchases. Magnetic stripe swiped
and EMV transactions are encrypted prior to leaving the terminal
so the transactions and cardholder information is sent encrypted
through your network, over the Internet, and to Heartland without
