If you’ve ever made a purchase by inserting instead of swiping your credit or debit card, then you already know how to use EMV chip cards. If you’re a business that accepts card payments from customers in person, your card reader likely already accepts these “dipped” chip payments. But even if you’ve been using this method for years, you might not know what EMV chip cards are, how they work, and why this payment technology has seen widespread global adoption as the new industry standard in the last 10 years.
EMVCo, the organization that manages EMV technology, reported in 2021 that 66% of issued cards are equipped with EMV, and more than 86% of all card-present transactions globally use EMV chip technology. EMV chip cards are a dominant presence in the world of card payments, so it makes sense for businesses to know as much as possible about how they work and why they’re significantly more secure than traditional swiped card payments.
Here’s everything you need to know about EMV, the card technology that has raised the bar for secure payments.
What’s in this article?
- What does EMV stand for?
- What is EMV?
- What are EMV chip cards?
- Chip-and-PIN
- Chip-and-signature
- Chip-and-PIN
- How does EMV technology work?
- How do EMV card readers work?
- Contactless EMV card payments
- Are EMV chip card payments secure?
- How to use EMV chip cards
- How to accept EMV payments as a business
What does EMV stand for?
EMV stands for Europay, Visa, and Mastercard, which are the credit card companies that spearheaded the development and widespread adoption of this chip technology.
What is EMV?
EMV is a payment technology that uses a tiny, powerful chip embedded in credit and debit cards to make card transactions more secure. It was developed in the mid-1990s and has since become the standard for secure card payments. EMV technology is overseen by an organization called EMVCo, which includes among its members major credit card companies like Mastercard, Visa, American Express, Discover, JCB, and UnionPay.
What are EMV chip cards?
EMV chip cards are credit and debit cards embedded with a small computer chip. It is this chip, and not the magnetic stripe (magstripe) on the back of the card, that transmits payment data to the card reader during a transaction. Although the EMV chip conducts transactions without the help of the card’s magstripe, chip cards are typically still equipped with a magstripe.
There are two types of EMV chip cards:
Chip-and-PIN
These cards, considered the more secure option, require cardholders to create a PIN number and enter that number at the point of sale (POS) to authenticate the transaction. The payment can’t proceed without the PIN number.Chip-and-signature
These cards require cardholders to provide a signature for each transaction, to verify their identity.
Originally, both types of EMV chip cards required the cardholder’s signature on every transaction, but this has become less common over time. While some businesses still ask for customer signatures, credit card companies have enough additional fraud protection measures in place that this step is not as important as it once was. Here’s a list of popular card issuers and whether their cards use chip-and-PIN or chip-and-signature.
EMV technology is still relatively new, although you would hardly know this from its widespread adoption. By the time EMV chip cards began gaining popularity in the US around 2011, they were already standard across Europe. US adoption got a leg up in 2015, when newly introduced fraud liability regulations stipulated that any merchant or card issuer that didn’t switch over to EMV technology would be liable for losses resulting from fraud and would be subject to fines. Those serious repercussions for businesses demonstrate just how much of a difference EMV technology makes when it comes to fraud mitigation and consumer protection.
As of September 2019, according to Visa, 3.7 million US businesses accept EMV cards—an 825% increase from September 2015.
How does EMV technology work?
EMV chips are exponentially more secure than the magnetic stripes on cards, in large part because they don’t transmit the card’s real number during a transaction. Instead, they generate a unique code for every purchase and send that code to the business’s card reader. This is a radical departure from the mechanism that powers magnetic stripe transactions, wherein the card number itself is present on the stripe and is transmitted to the card reader during each transaction.
The codes generated by EMV cards can’t be replicated, used more than once, or easily faked—protecting EMV cards from the security vulnerabilities that plague magstripe payments.
How do EMV card readers work?
EMV card readers are designed to read data contained within each card’s embedded EMV chip. The chip sends encrypted data to the card reader in a similar way that a magstripe transmits the card number—but with a few key differences. Here’s a quick breakdown of how EMV chip payments work:
- When a customer submits a card for payment during in-person checkout, instead of swiping the card, they insert it into the card reader. The card must be inserted chip side up, chip end first. This process is called “dipping.”
- Once inserted, the EMV chip transmits to the card reader an encrypted, one-time code containing the card information. This is what makes EMV chip payments much more secure than swiped card payments: The real card number is never transmitted, and therefore remains protected in the event of a security breach.
- To allow the purchase to proceed, the customer must provide either their PIN or their signature, depending on whether the card is a chip-and-PIN or a chip-and-signature.
- From this point, the transaction proceeds like any other card payment: The card reader transmits the payment data to the business’s POS, which sends it to the payment processor, who then contacts the card issuer for authorization.
- Finally, the card’s issuer will return either an approval or a rejection, which will appear on the business’s POS, concluding the transaction.
Contactless EMV card payments
Increasingly, many EMV chip cards are enabled with the ability to make contactless payments using near-field communication (NFC) technology. This gives cardholders the option to “tap to pay” instead of dipping their card. Both types of EMV payments are encrypted and therefore highly secure.
Are EMV chip card payments secure?
Yes, EMV chip cards are very safe, especially compared with magstripe transactions. The EMV chip was originally introduced in an effort to reduce credit card fraud, and it has been wildly successful. According to Visa, credit cards with chips reduced card-present counterfeit payment fraud by 76% from 2015 to 2018.
As we have seen, the impressive security of EMV card transactions is a result of encryption technology. Because EMV cards use unique codes for each transaction, instead of transmitting the real card number, it’s much harder for a potential fraudulent actor to obtain customers’ card numbers—even in the event of a security breach.
How to use EMV chip cards
For in-person transactions, using an EMV chip card is fast and intuitive. Here’s how it works for an in-person purchase:
Insert or tap card
EMV chip cards must be inserted into a card reader chip side up or tapped against a card reader (if both the card and card reader are enabled for NFC contactless payments).Enter PIN if required
Some EMV chip cards require a PIN number to authenticate the transaction. While there’s a trend toward more cards using PIN numbers to authenticate purchases, rather than signatures, many cards still don’t require them.Provide signature if required
While this isn’t as common as it used to be, some businesses still have policies that require customer signatures on card transactions for additional security against fraud.Remove card when prompted
Most card readers or POS terminals will indicate when a transaction is complete and the cardholder can safely remove their card.
EMV chips are not used for online purchases, since online transactions are card-not-present (CNP) by nature, and thus don’t use this physical component of cards.
How to accept EMV payments as a business
Most modern card readers are equipped to accept EMV chip payments. Unless you’re working with a much older POS system or card reader, you probably don’t need to take any additional steps to accept EMV chip card payments from customers. Stripe Reader M2, the latest model of card reader for Stripe users, is EMV certified and comes ready to use for EMV chip, contactless, and swipe payments.
If you want to accept EMV payments from customers, and you don’t currently have a card reader—perhaps you process card payments manually or you previously operated exclusively online—you’ll need to reach out to your payment processor and ask them what card reader hardware you should use. If you don’t yet have a payment processor who supports in-person card payments, you can register for Stripe here.
本文中的内容仅供一般信息和教育目的,不应被解释为法律或税务建议。Stripe 不保证或担保文章中信息的准确性、完整性、充分性或时效性。您应该寻求在您的司法管辖区获得执业许可的合格律师或会计师的建议,以就您的特定情况提供建议。