news.cuna.org/articles/108388-newtek-survey-only-41-of-merchants-emv-ready

Newtek survey: Only 41% of merchants EMV-ready

November 13, 2015

NEW YORK (11/13/15)--Only 41% of business owners have a point-of-sale (POS) terminal or other method of taking credit and debit payments that is EMV compliant, according to survey conducted by Newtek Business Services Corp., The Small Business Authority.

Of those without an EMV-compliant terminal, 53% do not plan on upgrading their terminals to become EMV compliant.

The survey, conducted in October, included 1,300 business owners.

“These October poll results are incredibly insightful as they comport with current trends and data that we are hearing from the major payment processors,” said Barry Sloane, chair/president/CEO of The Small Business Authority. “With the Oct. 1 deadline for EMV compliance behind us, we are now at the point in the payments business where businesses or card acceptors are being asked to have payment acceptance hardware that can read a microchip in a credit or debit card.

“Prior to Oct. 1, a fraudulent card swiped by magnetic-stripe readers would cause the financial institution that issued the Visa or MasterCard to incur the loss,” Sloane continued. “Now that the deadline has passed, the merchant taking a card with a microchip on it must have a terminal that is EMV compliant with downloaded software to read the chip. Without the hardware and software, if a fraudulent card is taken, the merchant will be responsible for the fraud risk, instead of the issuing financial institution." 

CUNA maintains that while technologies such as EMV and tokenization may help begin to curb the growing problem of data security, ultimately, these technologies alone are inadequate to address the exploding problem of breaches of consumer financial information through retailers' systems.

CUNA strongly argues that if the U.S. Congress wants to stanch the data flow, it must impose on merchants the same magnitude of strict regulations on payment data protection that financial institutions must meet, especially because the majority of breaches occur at retailers' stores.