Cybersecurity | December 12th, 2015
Trio Of NYC Hospitality Group Member Firms Team To Offer EMV Compliance Strategies For Tri-State Ops
October 1st has come and gone but restaurants that are not yet EMV compliant have no reason to panic.
“Even though that was the date when they’re supposed to switch over to making credit card transactions EMV based, the world won’t end if they didn’t,” according to Jason Lee of Leebro, a point-of-sale (POS) software and hardware vendor. “It’s more a soft deadline,” he says. “But they should definitely begin looking into it.” As of October 1st, all New York City restaurants were to begin changing the way customers pay.
Instead of swiping a credit card, users will now insert them into payment processing devices. That’s because the magnetic strips on the cards will be replaced by computer chips. Many restaurants will have to upgrade POS hardware and software to accommodate the new way of paying, but in the end, it will protect them – and their customers – from credit card fraud.
Any restaurants that don’t provide EMV-certified payment processes will become liable at some point for any fraudulent credit card charges. The idea is all about security but it could wind up really hurting restaurants that don’t change over to the new technology.
Lee and his brothers came across this new way of paying as they traveled around the world in Europe and Asia back in the early 2000’s. “We noticed this new technology at the night clubs we visited,” he says. “People were ordering at the table and doing pay at table, and it blew our minds. It made so much sense. It made the whole experience more enjoyable. No more asking for the bill, then handing our cards over to the server and waiting for him to bring it back. We never saw this in the U.S. We knew the technology existed. We just had to find out who had it.”
So Leebro partnered with Digital Dining, a software platform, one of 60 dining offers in the U.S., based in New York City. “We were both ahead of our time,” Lee recalls.
Lee notes that two things have driven this new move to mobility. “The first was Apple when it came out with the iPad. It transformed the way people looked at how personal computing devices could be used in the business environment. It spanned generations — young kids, Millennials, baby boomers. Everyone had an iPad.”
“What happened was that technology stopped being this big barrier,” Lee says. “It took the science out of it. It was all of a sudden cool. And operators started thinking, why can’t I use this and replace these big clunky devices?”
Leebro was providing this payment processing solution five years ago but what catapulted it is EMV. “We were ahead of the curve,” Lee says.
James Fenske of TriSource Solutions got involved with Leebro as a merchant processor. “A lot of times a restaurant would have an online ordering POS system, and some other items they wanted to work together and they would be using multiple companies to do what one company could do. I came in, like a concierge, and started them off with one thing, then added on to that technology.”
Fenske said the company knew EMV was coming so it really started ramping up certification with POS companies like Digital Dining and other POS companies in other industries to become EMV-certified.
“While they’re implementing the new technology for EMV, we’re also providing higher levels of security with point-to-point encryption and tokenization,” Fenske says. “We work with multiple back-end processors. This way we can support multiple platforms because certain platforms might not be certified and the problem is, if you’re not certified or can’t work with multiple platforms or processors, when the time comes, somebody might want to work with you but you can’t support their software platform. That’s where we come in.”
TriSource bases its EMV certification on payment card industry guidelines. “That’s what has to be in place to accept EMV digital transactions,” Fenske explains. “We have labs that work directly with POS software vendors or independent software vendors, and then they’ll work with the application programming interface that the back-end processors provide and we continue running tests throughout the whole process until they’re certified.”
Lee points out that many people receiving new credit cards, especially from American Express, are now getting them with a big silver chip instead of a strip. “So we explain that it’s a technology called EMV (for Europay, Mastercard, Visa) and instead of swiping the card, it now will be inserted into a payment acceptance device and processed in that fashion,” he explains. “It’s a way to protect not just businesses that accept credit cards but individuals who have credit cards. Look at the Target and Home Depot breaches, very large corporations that are supposed to have big security departments. EMV provides much more security for payment transactions.”
While it’s not completely mandatory, supporting EMV transactions is strongly encouraged for all restaurants. “There will be a shift in liabilities,” says Lee. “In the past, if a fraudulent card is used at your business, you can provide proof that the customer was there – a signature, a receipt, validation that service was provided, and you can dispute that charge. With EMV, if that situation occurs and payment is not processed by EMV, you have no recourse. You’re 100% liable. You’re essentially out the money.”
So, how do you get an EMV POS system? If you’re using an existing POS system, the easiest way to become EMV-compliant is to simply get a standalone EMV payment device. “It won’t integrate with your POS system,” says Lee, “but it will make it so you can process EMV transactions so you won’t be liable for any of those fraudulent cards.”
In the event you want an integrated EMV solution, talk to a POS provider. “In that case you’d need a software and hardware upgrade. You’d also need to talk to a processor as well, as each credit card platform has a different strategy for EMV in terms of what types of devices they’ll certify. POS and processors need to work together to make sure the solution comes together and is operating,” says Fenske.
Another incentive to move over now? “We have the most sophisticated thiefs in the world in New York City and once they get wind they can use fraudulent credit cards and get away with it, they will. If a restaurant is not processing them by an EMV method and it happens, then a merchant will get motivated to put EMV in place because they’ll be losing hard dollars,” says Lee. “You’re going to have to do it. It’s just when.”
Only 15-20% of the credit card population has EMV-capable cards as of today, Fenske says. “After October 1, if that card was EMV-capable and you couldn’t support an EMV card and it becomes a fraudulent transaction, the liability is in the merchants’ hands.”
If restaurants are processing credit cards with a magnetic strip; it’s the same liability as it is now. “Until that card-issuing bank issues EMV cards, you won’t see a lot of this. Many cards not activated yet. They may have the chip but they’re not an EMV-supported card yet, like with standalone terminals,” Lee says.
“October 1 is the soft deadline,” says Fenske. “But I wouldn’t wait a year to implement EMV because the fraudsters out there will catch on in the first couple of months and merchants will start seeing the ensuing charge backs. By the first of the year, I’d start putting in motion steps to implement.”
Fenske says there are other benefits to upgrading systems to support EMV. “Even if the card population’s not there, a lot of new technology is being added on as people are adding this hardware – point-to-point, tokenization. These are going to protect you from these data breaches, over and above EMV.”
Merchants without a POS system in place, who are using standalone terminals, can work with companies like Leebo. “If you’re looking for a POS or have one, contact us,” Lee says. “We can put them in the right direction.”
Danny Mizrahi of Contango IT points out that restaurants might not want to put the R&D funds into EMV until they see customers need it. “It was the same with Windows Vista,” he says. “Google Glass came out and people said, I’m not going to develop for Google Glass because I don’t know if people are going to be buying it. And it fizzled. But what’s different about EMV is that it’s something that’s mandated. The U.S. is the only major economy that does not use this.”
In other countries customers need to enter pins into the payment processing devices. That’s coming, the men say, but right now it will be a slower transition. “You won’t have the waiter come to the table and say how much tip do you want to leave me, you simply put the card in the device. The card will still be handled by the wait staff. It’s not the way it’s supposed to be but the only way it can work initially,” says Lee. “POS stations will become wireless. Restaurants will have the standard POS and a small hand-held device that will come to the table with the waiter or it will be table side, already built in, when everything’s up and running. If you want to run transactions, you can run it right at the table, there’s no real interaction with the waiter. At a higher-end restaurant, the server will bring the device to you and handle most of it until it comes time to put the card in the system,” says Fenske.
“POS systems aren’t going to go away,” says Lee.
“What EMV is is an extension onto the POS system. You’ll have these devices that were traditionally integrated with the hardware that are now standalone devices connected by Blue tooth or Wii to POS terminals and the transaction is now processed through these devices. If your system is 10 years old, your software probably needs to be updated to use this new technology, and your hardware, as well.”
They advise restaurants looking to move into EMV to contact their POS company and merchant processor to review your situation first and see what is needed.
Credits to: www.totalfood.com
Like our articles? Get them in your inbox.
Cybersecurity | December 19th, 2022
The Human Firewall: The First Line Defense Against Cyber Attacksread
Cybersecurity | December 17th, 2022
Is There a Generational Difference When it Comes to Awareness of Phishing Emails?read
Cybersecurity | December 14th, 2022
How to Choose a Great IT Providerread
Blog | November 3rd, 2022
Phishing 101: The Biggest Cybersecurity Threat and How to Avoid Itread
Blog | September 12th, 2022
Top Reasons Why Businesses are Moving to Cloud Management Platforms this 2022read
You Are One Click Away From a Game Changing IT Support
Contact us todayGET STARTED