The ongoing debate over the economic benefits of a mass-market migration to EMV chip cards in the US has heated up, with US retailers and a senior Fed staffer raising red flags over the anticipated impact on fraud levels.
Moves by the card schemes to shift liability for fraudulent card fraud payments to US merchants take effect in October 2015, providing a strong incentive for retailers to re-eqip their POS networks to accept EMV chip cards.
But at a payments conference organised by automated clearing house Nacha in San Diego this week, three of the nation's largest retailers hit back, arguing that the move to EMV will impose huge costs for a minimal reduction in fraud rates.
For retailers such as hamburger chain Wendy's - which already accepts PIN debit at the checkout - the fraud rate is so small "it's hardly worth mentioning," said Gavin Waugh, Wendy's vice president and assistant treasurer. "Even if we pay the fraud liability, it's a whole lot cheaper than putting in (new EMV) terminals."
Others were concerned that the introduction of EMV at the check-out would simply shift the attak vectors to weaker alternative channels, such as card-not-present and ACH fraud.
Equally, the failure to enforce a shift to PIN at the point-of-sale - with issuers prepared to still accept signature authorisation - remains a weak point, notes Kansas City Fed economist Richard Sullivan in a just-published paper
While chip-based cards will counteract the threat from counterfeit copies, he notes, "fraudsters may put more effort into stealing computer-chip payment cards, knowing that they may be able to commit a few fraudulent transactions using a forged signature before issuers cut off use of the card".
And in the absence of a commitment by issuers and card schemes to move to 3D-secure or chip card authentication at the PC, fraud in online channels can also be expected to increase, says Sullivan,
A bigger cause for concern, however, is that the US does not yet have a comprehensive system for collecting and reporting statistics on payment fraud, which would allow the industry to respond swiftly and effectively to new attacks.
Sullivan argues that the UK system for capturing and monitoring such information was a critical asset enabling the payment card industry to respond to the new trends in fraud that emerged during the transition to chip-and-PIN cards.
"In the absence of critical information on the sources and types of card payment fraud, efforts aimed at limiting fraud may be misdirected and wasteful," states Sullivan. "Both regulators and the card payment industry could benefit from mechanisms to measure the levels and sources of fraud and to identify who pays the price-and how much is paid-for the nation's losses from payment card fraud."