Restaurant Security: EMV and PCI Fraud Safeguards
If EMV and PCI are just letters to you, you should know that these acronyms represent important security standards for your business.
Did you know that if a guest uses a counterfeit or stolen, chip-enabled payment card in your restaurant, and if you are not using an EMV card reader, you are liable for any and all chargebacks? Chargebacks of this kind are on the rise.
When you use an EMV PIN pad to process payment, liability for card-present chargebacks is transferred back to the card issuer. So you’re no longer on the hook for those charges. If you’re seeing an uptick in card-present fraud, it’s time to take another look at EMV.
If your EMV solution supports tokenization and end-to-end encryption, you’re another step closer to limiting your PCI scope. Currently, end to end encryption is only supported with certain combinations of web ordering and payment providers. Do your homework, and choose carefully.
Every step closer to full EMV and end-to-end encryption lowers your risk—and may reduce your PCI compliance costs.
Some of the security benefits include:
- Combating counterfeit fraud.
- Support for convenient contactless payments like NFC “tap” and Apple Pay.
- Potential additional savings by waiving the annual PCI-DSS audit if you process more than 75% of transactions through an EMV certified device.
While EMV transactions can be slightly slower than traditional card swipe transactions, contactless payment is significantly faster. And popular with consumers, who love the convenience.
Are EMV card readers worth the expense? Look first at the number of card present transactions you are processing each month. EMV won’t eliminate card-not-present chargebacks on deliveries, for instance.
Whether you opt to add EMV or not, it’s critical to safeguard your business by using a PCI-validated POS system, having quarterly network scans, and completing an annual PCI assessment.
Beyond the point of sale, the scope of PCI compliance includes data safeguards and controlling access to customer information. For help with PCI, refer to your POS provider’s PA-DSS Implementation Guide.