EMV stands for Europay, Mastercard, and Visa, a proprietary standard created by several major payment networks to combat card-present fraud committed with counterfeit payment cards. EMV cards contain a small computerized microchip that stores data used to transmit information to the payment terminal, or POS device. When a customer inserts a chip card into a chip-enabled payment terminal, the chip creates a unique, one-time security code specific to that transaction, and sends it to the payment terminal to authenticate the transaction. Unlike traditional payment cards that use a magnetic stripe to store cardholder information, the chip card security code changes every time the card is used, so even if the code is intercepted it cannot be used again for another transaction. And the chip itself cannot be cloned to produce a counterfeit card.

The biggest reason for upgrading to chip-enabled payment terminals is to protect your business from fraud due to counterfeit cards. Accepting chip cards adds an extra level of security for card-present transactions. Suppose a customer presents a chip card to make a purchase; if you don’t have a chip-enabled card reader and must swipe the card instead, you may be liable for any fraud that occurs as a result of that transaction if the card is counterfeit.

Yes. Chip-enabled payment terminals are “backwards compatible,” meaning you can accept magnetic stripe cards from issuers that have not yet converted to chip technology. At this time, chip-enabled payment terminals will continue to include magnetic stripe readers.

If you are unable to process a transaction because of a damaged chip, for instance, or a faulty card reader, this feature allows you to complete the transaction by swiping the card. This is known as a “fallback” transaction. Depending on the card brand’s rules for fallback transactions, if the fallback transaction is properly formatted and approved online, the issuer assumes liability; otherwise, you may be held responsible for any fraud that occurs.

EMV technology protects against the likelihood of card-present fraud due to counterfeit cards, but it does not prevent all types of fraudulent transactions. To ensure you’re protecting your customers’ data and to remain out of scope for Payment Card Industry (PCI) compliance, you still need to use point-to-point encryption (P2PE) and tokenization.