A significant portion of the convenience store market has not made the necessary investments to upgrade their forecourt dispensers to support EMV chip transactions. Many operators assume that it will be better to ‘wait and see’ before making any financial investment in upgrades. While this approach is common, it also incurs serious business risks, including:
- Incurring an increase of more than 10x in EMV chargeback liabilities
- Experiencing unprecedented installation delays
- Being caught on the wrong side of the chargeback divide
- Failing to grasp Outdoor EMVs’ Total Cost of Ownership (TCO) and Return on Investment (ROI)
- Continuing exposure to cybersecurity vulnerabilities
An Increase of More than 10x in EMV Chargeback Liabilities
Many operators mistakenly believe that their current levels of credit card fraud are indicative of their future levels of fraud. This perspective is incorrect for two reasons. First, the credit card fraud that merchants are responsible for today only reflects the lost and stolen credit card fraud, which is typically only 10% of a store’s total credit card fraud. The remaining 90%—counterfeit fraud—is paid for by banks. After the mid‑April 2021 Outdoor EMV liability shift, any convenience store operator that fails to upgrade their dispensers to accept chip transactions will be held responsible for 100% of credit card fraud. For many operators, this will represent a 10x increase in their chargeback liabilities. Convenience store operators should proactively investigate their current levels of counterfeit credit card fraud.
In addition, the total credit card fraud on a per-store basis is expected to significantly increase for those stores that fail to support EMV chip transactions at the pump. This is because, after mid-April 2021, credit card fraud will shift toward the path of least resistance. Such sites will receive a disproportional amount of criminal activity. Over the next 7 years, potential chargebacks may exceed over $200K per store.
Some operators believe that they can ’wait and see’ to assess chargeback obligations before deciding on whether it makes sense to invest in the Outdoor EMV upgrade. While it is true that this tactic can work when credit card fraud increases incrementally in a controlled trend, there are many instances when credit card fraud increases dramatically—sometimes by over 300% from one month to the next. Operators that have been lulled into a false sense of security may be overwhelmed by next month’s credit card chargebacks.
Unprecedented Installation Delays
In North America, there are more than 120,000 convenience stores that sell fuel, and the entire industry is facing the need to comply with these new EMV credit card transaction requirements—all against the same deadline. The demand for the technicians who install these upgrades also exceeds the supply. Last year, the industry had more than 700 openings for forecourt technicians. Because of the technician shortage, convenience store operators that wait to be overwhelmed by monthly chargeback liabilities before ordering the Outdoor EMV upgrade will have no control over when the actual upgrade will take place.
COVID-19 has complicated this process, further limiting service technician availability, disrupting dispenser hardware manufacturing, and closing government permit offices. What would ordinarily take only a few weeks to coordinate may take 4+ months to schedule in certain markets. During each month of delay, the operator will still be held responsible for the likely escalating chargeback liabilities.
Outdoor EMV Chargeback Divide
Many operators assume that there is safety in numbers. Because operators think most convenience stores have not switched to supporting outdoor EMV transactions, they feel they can also wait. This perspective fails to consider that while most single-store operators—which make up the dominant share of the convenience store market—have not implemented the necessary upgrades, many multi-unit operators have already made the necessary investments.
Larger companies face larger EMV chargeback liabilities. Such companies also have greater resources to make the forecourt EMV upgrades. Together, these two factors create an EMV “have” versus “have not” divide in the convenience store industry. Multi-unit operators are successfully complying with the new guidance and avoiding EMV chargeback liabilities, while single-store operators are exposed. This will likely lead to greater consolidation—the larger will become larger while the aggregate market share of the smaller become smaller.
Total Cost of Ownership
Many operators have expressed great frustration at having to invest an enormous amount of capital into an initiative that does not directly contribute to increased store sales. As with any business, improving store profitability may be achieved by one of two methods: 1) increasing sales of higher profit items or 2) reducing operational costs. Capital investments into Outdoor EMV will dramatically lower monthly operational cost (chargeback liabilities). In many cases, the ROI may be achieved within a couple of years. Delaying the Outdoor EMV investment will only increase future operational costs. Failing to upgrade the forecourt dispensers to support EMV transactions may also undermine consumer traffic because consumers may seek stations that provide safer credit card transactions.
Beyond Outdoor EMV: Cybersecurity Vulnerabilities
The whole purpose of Outdoor EMV is to reduce the impact of fraudulent credit card transactions by providing a more secure method of conducting payments. Given the enormous investment of time and energy required, it is appropriate for convenience store operators to examine their store’s cybersecurity measures. So many convenience stores currently fail the most basic requirements of PCI compliance (e.g. store network scanning, employee training, daily log analysis, etc.)
In the event of a breach, operators that fail to meet PCI compliance will be held liable for all of the resulting financial losses. It does not make sense to make such significant capital investment in becoming Outdoor EMV compliant but leave the business exposed. It would be the homeowner equivalent of making enormous investments in a robust security system but leaving the backdoor unlocked.
Summary
Operators that have not invested and are not planning to comply with the requirement to support EMV chip transactions in the forecourt would be wise to revisit their assumptions. With proper planning, operators can avoid the potentially devastating consequences of the Outdoor EMV liability shift.
To learn more, please visit: https://www.hughes.com/who-we-serve/by-industry/retail-petroleum