risk of loss make more sense than accepting the known
costs associated with the new technology?
It’s still a valid question—and one that may have even
more complexities now. To make an informed decision, fuel
marketers and the distributors and service companies that
advise them have to consider at least
five more questions:
1. How Many Chip-
Will Be in Use?
The wisdom of a major investment in EMV technology is, in part,
a function of how many customers
will use the new generation of cards. And that, in turn, is a
function of how many cards will be issued in the coming
Let’s look at the dollars and cents. The typical credit
card issuer will spend about $1.30 to produce or buy each
chip-enabled card. That compares to just 10¢ for a traditional
Traditionally, card issuers have not charged customers for
their credit cards. That customer-friendly policy makes sense
when the cost of the card is relatively small. But it will be
much harder for issuers to easily absorb the costs of the much
more expensive chip-enabled cards.
Certainly, card issuers could attempt to recoup those costs
through a direct charge for the card, new account fees, higher
interest rates or some other mechanism. But that would be
a major shift that almost certainly would generate consumer
complaints. The safer approach—and the one that issuers
seem to have adopted so far—is to issue new EMV-enabled
cards sparingly, mostly to customers who travel frequently
to other nations that have well-established EMV payment
2. Will the Cards Prevent Fraud?
Credit card fraud is real. In 2012, U.S. merchants and
banks reported losses of $11.3 billion as a result of stolen
and fraudulent card transactions. That’s a big number in one
sense, but it’s only about 5¢ on every $100 of credit card sales,
according to the Nilson Report, a payment-industry newsletter.
Fuel marketers are on the front lines of this battle. Earlier
this year, in fact, New York indicted four defendants on charges
of skimming pay-at-the pump dispensers
to steal customer bank data, which was
subsequently used to obtain more than
$2 million in cash at ATMs.
With widespread adoption, EMV
security features would reduce fraud to
some extent. But quantifying the savings
is a guessing game. Published estimates
of the savings range anywhere from $1.1
to $5.65 billion per year.
Clearly, however, EMV can’t possibly eliminate all credit
card fraud. For example, EMV would not have prevented the
massive breach that exposed the confidential data of millions
of Target, Neiman Marcus and other retail customers during
the 2013 holiday season. In those cases, the point of attack
occurred before the data were encrypted at the POS terminal,
Anecdotally, another recent—and ironic—incident raises
questions about the efficacy of EMV itself. In February of this
year, David Marcus, the president of PayPal, found “a ton of
fraudulent transactions” on his EMV-ready credit card after a
recent trip to Europe. How the fraud occurred has not been
disclosed. However, researchers at the University of Cambridge
have reported some success in hacking the “random number”
generator that is built into EMV encryption formulas. If that
report proves accurate, it may be that EMV technology needs
some improvement to realize its full potential.
The EMV-enabled cards typically issued in the United
States present another obstacle. To put it simply, our cards are
not like those in many other countries.
Most countries use a “chip-and-PIN” system. The
cardholder must enter a PIN (personal identification number)
when conducting a transaction with an EMV card. The PIN
still offer more security
than simple magnetic-strip
cards, but they are less
secure than they could be.