Despite the looming liability shift for EMV and payment card fraud in the US, more than half of SMEs are reportedly not ready for the switch and, more critically, are ambivalent about the benefits of the technology. In addition, concerns over contactless theft in Australia are likely to fall on deaf ears among issuers. Despite the protests of law enforcement and regulators alike, the economics of combating fraud are far more critical to driving change than the moral issue of ignoring criminal behavior. This approach risks slowing the development and implementation of proven fraud prevention technologies that ultimately benefit everyone.
It’s the economics, stupid
Recent reports in the Wall Street Journal suggest that nearly two-thirds of US SMEs are unprepared for the EMV fraud liability shift on October 1, 2015. Many seem to be simply unaware of the changes; others do not see the economic benefit of investing in upgrading their technology relative to the level of fraud they experience. The cost of upgrading remains high, particularly for smaller businesses with tight margins. In essence, this is a repeat of the broader US market’s long-term reluctance around EMV in microcosm: the cost of perceived fraud is outweighed by the cost of preventing it. As a result, the level of risk represented by using older technology remains acceptable to many.
On the other side of the world the Australian parliament and local law enforcement recently called on banks to voluntarily introduce an opt-in to contactless card functionality. This follows a reported rise in contactless card theft and usage, something authorities felt was worsened by the banks’ very public zero-liability policies for consumers on contactless transactions. However, the direct cost of this additional fraud is estimated at approximately $100,000 per year; this is far outweighed by the cost and complexity of introducing fraud-prevention capabilities.
Nobody likes fraud and few organizations will readily admit that they are willing to accept some level of risk simply as a cost of doing business. However, if initiatives to combat fraud are not mandated by regulators, the motivation for implementing them (or not) lies squarely within the realm of economics rather than justice. As such, vendors and payment providers globally need to be able to pinpoint clear cost benefits of investing in fraud technology, not only relating to card-based fraud, but across payment channels. This includes increasing our understanding of the wider costs of fraud, such as the cost of investigation and dispute resolution and the risk of losing the business of victims of fraud.
Tokenization in the Payments Value Chain, IT0059-000027 (September 2015)
Ensuring security is the key challenge in emerging payments, IT0059-000005 (April 2015)
Gilles Ubaghs, Senior Analyst, Financial Services Technology