Credit card processor Visa has unveiled big plans to introduce mobile payment technologies to the United States market, announcing plans to roll out dual-mode chips in its credit card processing infrastructure that will support both Near-Field Communications (NFC) and Europay, MasterCard, and Visa (EMV) standard that has already seen strong adoption internationally. To encourage merchants and partners to adopt the technology, Visa also plans to roll out “incentives” that will make it easier for merchants to go with mobile-enabled processing systems rather than stick with what they’re using now.
“For several years, Visa has been talking with clients and merchants on this subject—and now more than ever before, we’re hearing confirmation that chip is the right direction for the U.S.,” wrote Visa’s chief enterprise risk officer Ellen Richey, in the company blog. “We believe our program offers the right level of direction and encouragement for merchant and issuer adoption of chip—at the right time. With a commercial framework in place, our goal is to enhance security and support the next generation of payments.”
Although Visa plans to continue supporting so-called “static” identification for some time—PIN numbers and signatures—the company envisions its payment network converting over to dynamic authentication, which make it very difficult for a criminal to put fraudulent charges through a point-of-sale system even if a users’ payment information or mobile device are compromised. Dynamic authentication is valid only for a single transaction, where static authentication via a PIN or signature can easily be faked repeatedly once the authenticating information is compromised. Dynamic authentication can also be performed offline, using cryptographic processing built into a consumer’s card or device itself.
To encourage merchants to adopt dynamic authentication, Visa is setting some important deadlines. By October 1, 2012, Visa will eliminate the need for merchants to get their PCI compliance certified so lone as 75 percent of their transactions come from chip-enabled terminal that support both contact and contactless chip acceptance. On April 1, 2013 (no foolin’!) Visa will require processors and subprocessors to accept merchant chip transactions, and on October 1, 2015 Visa plans to shift responsibility for point-of-sale fraud: if a merchant hasn’t adopted chip-enabled point-of-sale terminals, the merchant’s acquirer will be responsible for fraudulent charges, rather than the merchant itself. That means credit card processors will have a big incentive to push the technology to all their merchants—or potentially face major liability.