American consumers are finally getting on board with new chip-enabled credit cards — but retailers aren't following suit, leaving them vulnerable to fraud, according to a study released Thursday.
Seventy percent of U.S. credit card holders have EMV chip cards, according to CreditCards.com. Meanwhile, between 22 percent and 37 percent of retailers have adopted the technology, the survey said, citing research from Boston Retail Partners and The Strawhecker Group.
"Consumers have the chip-enabled cards and are looking to use them," said Rob Cameron, chief product and marketing officer at Moneris, one of the largest debit and credit card processors in North America. "We've certainly seen an increase in interest from our merchants in moving toward EMV-enabled terminals."
The deadline for converting to the new cards was October, when merchants became financially responsible for fraudulent charges on credit cards, according CreditCards.com, which in March conducted telephone surveys of more than 900 people who owned major credit cards. EMV adoption tends to be higher among older, college-educated consumers and men, while it is less common in rural areas, the study found.
Chip cards are meant to be more secure in part because they prevent skimming, where scammers copy the information on the magnetic strip and use it to make duplicate credit cards, Cameron said.
"Let's say someone has skimmed a credit card and comes into your store, and the real credit card has the mag stripe and chip, but the fake one just has a mag stripe on it," Cameron said. "If they come to your store and they buy a television set and you don't have the EMV terminals, then you won't be able to go back to the credit card company and get money for that TV. You'll lose the money."
CreditCards.com found that retailers need to "step up" their payment systems, squaring with similar research from credit card search engine CardHub: 42 percent of retailers have not updated any of the terminals in their store, according to CardHub's February survey of 55 major retailers and 1,000 individuals. The share of out-of-date point of sale terminals is even more among those that have experienced data breaches in the past five years, the CardHub survey found.
To be sure, many mega-retailers, like Walmart and Target, have been switched to EMV for months, meaning that a lion's share of America's total shopping terminals have been converted, said J. Craig Shearman of trade group the National Retail Federation. Indeed, Shearman said that most merchants were ready for the switch but are stuck waiting months for certification from card issuers to turn on their new machines.
"Actually it's time for the bank and the card industry to step up," Shearman said. "Some of [our members] have had to wait months to get anybody to certify their systems. Even if this were 100 percent installed, the new cards don't do nearly as much as they could. Without a pin, a thief could still scribble any illegible scrawl and walk away with merchandise."
For other smaller vendors, it is simply a matter of finding time to train staff during an already busy shopping day, especially for low-transaction-value stores that are less impacted by fraud, Cameron said. Still, investing the time now could be worth it later, he said.
"Taking fraud out of the systems, will save not only money but also time because it will mean more of the transactions are good," Cameron said.