Dangerous Assumptions About Outdoor EMV Liability Shift July 09, 2020 Tim Tang, Director, Enterprise Solutions EMV false A significant portion of the convenience store market has not made the necessary investments to upgrade their forecourt dispensers to support EMV chip transactions. Many operators assume that it will be better to ‘wait and see’ before making any financial investment in upgrades. While this approach is common, it also incurs serious business risks, including: Incurring an increase of more than 10x in EMV chargeback liabilities Experiencing unprecedented installation delays Being caught on the wrong side of the chargeback divide Failing to grasp Outdoor EMVs’ Total Cost of Ownership (TCO) and Return on Investment (ROI) Continuing exposure to cybersecurity vulnerabilities An Increase of More than 10x in EMV Chargeback Liabilities Many operators mistakenly believe that their current levels of credit card fraud are indicative of their future levels of fraud. This perspective is incorrect for two reasons. First, the credit card fraud that merchants are responsible for today only reflects the lost and stolen credit card fraud, which is typically only 10% of a store’s total credit card fraud. The remaining 90%—counterfeit fraud—is paid for by banks. After the mid‑April 2021 Outdoor EMV liability shift, any convenience store operator that fails to upgrade their dispensers to accept chip transactions will be held responsible for 100% of credit card fraud. For many operators, this will represent a 10x increase in their chargeback liabilities. Convenience store operators should proactively investigate their current levels of counterfeit credit card fraud. WANsform Your Enterprise Before you can transform customer experience, you must WANsform your enterprise. Learn how Hughes Managed SD-WAN is enabling digital transformation and achieving real results. MPLS vs. SD-WAN Why SD-WAN? WiFi Analytics: Insight Every Step of the Way Digital Signage Solutions: Engagement Starts Here SD-WAN Appliance: 4860 is SD-WAN transformation in a box In addition, the total credit card fraud on a per-store basis is expected to significantly increase for those stores that fail to support EMV chip transactions at the pump. This is because, after mid-April 2021, credit card fraud will shift toward the path of least resistance. Such sites will receive a disproportional amount of criminal activity. Over the next 7 years, potential chargebacks may exceed over $200K per store. Some operators believe that they can ’wait and see’ to assess chargeback obligations before deciding on whether it makes sense to invest in the Outdoor EMV upgrade. While it is true that this tactic can work when credit card fraud increases incrementally in a controlled trend, there are many instances when credit card fraud increases dramatically—sometimes by over 300% from one month to the next. Operators that have been lulled into a false sense of security may be overwhelmed by next month’s credit card chargebacks. Unprecedented Installation Delays In North America, there are more than 120,000 convenience stores that sell fuel, and the entire industry is facing the need to comply with these new EMV credit card transaction requirements—all against the same deadline. The demand for the technicians who install these upgrades also exceeds the supply. Last year, the industry had more than 700 openings for forecourt technicians. Because of the technician shortage, convenience store operators that wait to be overwhelmed by monthly chargeback liabilities before ordering the Outdoor EMV upgrade will have no control over when the actual upgrade will take place. COVID-19 has complicated this process, further limiting service technician availability, disrupting dispenser hardware manufacturing, and closing government permit offices. What would ordinarily take only a few weeks to coordinate may take 4+ months to schedule in certain markets. During each month of delay, the operator will still be held responsible for the likely escalating chargeback liabilities. Outdoor EMV Chargeback Divide Many operators assume that there is safety in numbers. Because operators think most convenience stores have not switched to supporting outdoor EMV transactions, they feel they can also wait. This perspective fails to consider that while most single-store operators—which make up the dominant share of the convenience store market—have not implemented the necessary upgrades, many multi-unit operators have already made the necessary investments. Larger companies face larger EMV chargeback liabilities. Such companies also have greater resources to make the forecourt EMV upgrades. Together, these two factors create an EMV “have” versus “have not” divide in the convenience store industry. Multi-unit operators are successfully complying with the new guidance and avoiding EMV chargeback liabilities, while single-store operators are exposed. This will likely lead to greater consolidation—the larger will become larger while the aggregate market share of the smaller become smaller. Total Cost of Ownership Many operators have expressed great frustration at having to invest an enormous amount of capital into an initiative that does not directly contribute to increased store sales. As with any business, improving store profitability may be achieved by one of two methods: 1) increasing sales of higher profit items or 2) reducing operational costs. Capital investments into Outdoor EMV will dramatically lower monthly operational cost (chargeback liabilities). In many cases, the ROI may be achieved within a couple of years. Delaying the Outdoor EMV investment will only increase future operational costs. Failing to upgrade the forecourt dispensers to support EMV transactions may also undermine consumer traffic because consumers may seek stations that provide safer credit card transactions. Beyond Outdoor EMV: Cybersecurity Vulnerabilities The whole purpose of Outdoor EMV is to reduce the impact of fraudulent credit card transactions by providing a more secure method of conducting payments. Given the enormous investment of time and energy required, it is appropriate for convenience store operators to examine their store’s cybersecurity measures. So many convenience stores currently fail the most basic requirements of PCI compliance (e.g. store network scanning, employee training, daily log analysis, etc.) In the event of a breach, operators that fail to meet PCI compliance will be held liable for all of the resulting financial losses. It does not make sense to make such significant capital investment in becoming Outdoor EMV compliant but leave the business exposed. It would be the homeowner equivalent of making enormous investments in a robust security system but leaving the backdoor unlocked. Summary Operators that have not invested and are not planning to comply with the requirement to support EMV chip transactions in the forecourt would be wise to revisit their assumptions. With proper planning, operators can avoid the potentially devastating consequences of the Outdoor EMV liability shift. To learn more, please visit: https://business.hughes.com/industries/retail-petroleum. About the Author Tim Tang helps distributed organizations achieve the promise of digital transformation by sharing ideas across industries and helping customers stay ahead of the ever-increasing pace of change. Follow Tim Tang on LinkedIn and Twitter @TimTang4Retail. Categories See All SD-WAN (54) Networking (26) Retail Technology (20) EMV (11) Managed Security (11) Managed Services (8) SASE (8) Conference (7) Edge Computing (6) Digital Media (5) WiFi Analytics (4) SCS (1) Popular Blogs Simplifying Hybrid Cloud ConnectivityMay 7, 2021 The Battle of Bandwidth: MPLS vs. SD-WANMay 11, 2021 With SD-WAN, Pursuing Hybrid Cloud Connectivity Might Be Simpler Than You ThinkMay 14, 2021 Hughes Scores Highest: Why the Gartner Critical Capabilities Study is So InformativeFeb 16, 2021 Retail’s COVID-19 Technology ChallengesFeb 19, 2021 Related Posts See All Outdoor EMV Liability: What Comes Next? Tim Tang, Director, Enterprise Solutions April 30, 2021 The Outdoor EMV C-store Cybersecurity Gap Tim Tang, Director, Enterprise Solutions February 22, 2021 More Cashless Transactions Mean Greater Need for Payment Protection and PCI Compliance Brittany Hilton December 17, 2020 5 Steps to Prepare for the EMV Liability Shift Brittany Hilton October 07, 2020 MNSP: Preparing for C-store Digital Transformation Tim Tang, Director, Enterprise Solutions August 11, 2020 ENJOY THIS POST? Provide your email below to receive a monthly round-up of what’s happening in the world of connectivity! First Name Last Name Email Company Campaign ID CAPTCHA This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.