Can I Accept EMV Cards from Customers Purchasing from my Online Business?

EMV technology plays no role in online payments. It also plays no role in telephone order or mail order payments. EMV (named after Europay, MasterCard, and Visa who designed and initiated the evolution in card security technology) is a new generation of credit and debit card that are issued with an embedded micro-chip that holds and transmits data to a specialized card-reader. This technology replaces the magnetic strip technology that has become risky and open to card-skimming by fraudsters, leaving card holders vulnerable to having their secure and sensitive card information placed in the hands of criminals who can replicate cards from the information skimmed from the magnetic strip.

The security technology built into EMV cards is only effective when the micro-chip data is read by a card reader. EMV cards look much the same as the magnetic strip cards; they are the same size, display the same card holder information, card number, expiry date and a Card Verification Code (CVC) on the back or front of the card. The only difference in appearance is the micro-chip on the front of the card.

Security measures to prevent online payment fraud

Online, telephonic and email card payments are referred to as “Card Not Present” transactions (CNP), and they are exactly what the name implies. The cardholder is not in the merchant’s presence to physically present the card for the merchant’s physical confirmation at the time of payment.

This means of card payment is a perfect hunting ground for fraudsters using skimmed information to buy products because the merchant does not see if anything looks suspicious about the card itself.

One means of trying to thwart fraudsters is the CVC (Card Verification Code) printed on the back or front of both micro-chipped and magnetic strip cards. This three or four digit code must be provided when a CNP payment is made. Despite the CVC code requirement, fraudsters still manage to obtain cardholders secure and sensitive information through various means.

EMV cards issued by MasterCard and Visa have an additional level of security through technology developed by them. MasterCard has introduced Chip Authentication Program (CAP), and Visa has introduced Dynamic Password Authentication (DPA), both to enhance cardholder security when conducting business via e-commerce suppliers.

The onus of utilizing either CAP or DPA falls on the cardholder and the merchant has no involvement other than back-end software implementation which is managed by the merchant card services provider.

Online trade is conducted as before

Online traders have yet to see any major changes to accepting online card payments for purchases because credit card technology has not yet evolved to protect cardholders secure and sensitive information. Still, there are many safeguards in place that merchant card service providers can offer to online business owners.  When signing up for a merchant account, it is highly recommended that you use a merchant account provider that uses military-grade encryption to protect your customers’ data.  You should also ensure that your merchant account provider has a solid reputation in the industry and complies with all current regulations, because the integrity of your business depends on the quality of the merchant card service provider that processes your card payment transactions.

For more information about EMV cards and online payment security or to sign up for a merchant account, you can call 1-888-924-2743 or go to Charge.com.