New products, Research, regulation, industry reports

Retailers fight back against EMV fraud liability shift

Sienna Kossman

I’ve had chip cards in my wallet for months now, but I can count on one hand the number of local retailers with chip card readers that are actually turned on. You’d think they would want to be as EMV-ready as possible so as not make themselves liable for fraud costs under the EMV liability rules. The Oct. 1, 2015, liability shift deadline is nearly six months behind us, after all.

But for retailers it’s not that simple.

A survey conducted by The Strawhecker Group, a consulting firm for the electronics payment industry, found EMV merchant adoption is progressing slower than expected post-Oct. 1: Only 37 percent of retailers are EMV-ready. The group cited “technical staff resource availability” and “lack of payment processor readiness” as key reasons more retailers have not come online.

While many store owners have already invested in updating their old point-of-sale terminals, not all new EMV terminals are ready for use. They need to be certified by both a retailer’s payment processor/acquirer and the card brands first, and that’s taking awhile.

“It’s perfectly reasonable that a whole new credit card system should have to be certified to ensure that it’s working properly,” said J. Craig Shearman, vice president of government relations and public affairs for the National Retail Federation. “What’s not reasonable is that the card industry should insist on certification, set an arbitrary deadline — and then fail to see that there were enough technicians to get the job done on time.”

With the delay in certification is a delay in EMV compliance, which could make retailers liable for fraud charge-back costs under the new rules. A couple of stores are fighting back, claiming the liability shift or the banks behind the shift, more specifically — is causing them unfair costs while their machines stand uncertified.

Two small Florida merchants, Milam’s Market and Grove Liquors, have filed a class-action lawsuit against the four major card networks — Visa, MasterCard, Discover, and American Express — and a handful of card-issuing banks, claiming they have forced merchants to pay unfair fraud-related expenses as a result of slow certifications.

“In what defendants truthfully enough dubbed a ‘Liability Shift,’ the issuing banks and the Networks decreed that, as of that Oct. 1, 2015, liability for billions of dollars of card-present charge-backs would shift from the issuing banks to the merchants, unless the merchants could satisfy certain conditions – conditions, it would turn out, which were impossible for the Class members to meet and which the Networks, the Issuing Banks and EMVCo knew were impossible to meet,” the lawsuit contends.

The merchants claim that despite their efforts to purchase and install EMV-compliant point-of-sale equipment and train staff about the switch to EMV chip card payments, card brands and issuing banks failed to ensure the merchants’ new terminals were certified EMV-ready by the liability shift date.

As a result, the merchants said they racked up thousands of dollars of fraudulent transaction charge-back costs and fees between Oct. 1, 2015, through Feb. 15, 2016, that they’d never faced before.

They also say they had little choice in the matter: “For American merchants, like those in the Class, accepting credit and charge cards is a prerequisite and necessity for doing business. Customers expect to be able to use their plastic when they make a purchase and will often choose simply not to do business with a merchant who
doesn’t accept a card.”

The lawsuit is asking the court to order card brands and banks to pay all affected merchants for the fraud costs that have been shifted onto merchants’ shoulders.

Milam’s Market and Grove Liquors LLC probably aren’t the only small businesses facing this problem, either, according to Gartner analyst Avivah Litan, who recently blogged about this lawsuit.

“The merchants point out that their fraud rates and charges have risen more than 20 times since the October 2015 EMV deadlines that shift liability from the banks to merchants for card-present card fraud, if merchants are not accepting chip transactions,” she wrote. “This is unfair, because merchants cannot accept EMV chip card transactions unless their equipment is EMV-certified, and there is a long backlog and queue for this certification process. The plaintiffs did what they could and installed the necessary EMV equipment long ago, but cannot turn the chip readers on. Many card-accepting companies throughout the U.S. are in the same position.”

Litan noted that Gartner thought as early as last September that certification delays could pose a problem post-liability shift, but it had no idea just how troublesome the problem might become.

“I hope this suit does set a new precedent and forces the card brands to take more ownership of this problem by delaying the liability shift until the certification queue is cleared,” she added.

I hope so, too. After I read about this lawsuit, I started wondering if POS terminal certification delays are why so many of the retailers I frequent have little signs taped over the card slots of their new fancy EMV terminals with notes that read “Do not use!” or “Swipe card!”

Do you own a business that’s facing EMV migration issues like these? Let us know in the comments. I’ll be closely watching this lawsuit and issue going forward.

Join the Discussion

We encourage an active and insightful conversation among our users. Please help us keep our community civil and respectful. For your safety, we ask that you do not disclose confidential or personal information such as your bank account numbers, social security numbers, etc. Keep in mind that anything you post may be disclosed, published, transmitted or reused.

The editorial content on is not sponsored by any bank or credit card issuer. The journalists in the editorial department are separate from the company's business operations. The comments posted below are not provided, reviewed or approved by any company mentioned in our editorial content. Additionally, any companies mentioned in the content do not assume responsibility to ensure that all posts and/or questions are answered.

  • jill tropino

    In January we had a charge of almost 4,000 dollars go through. Two weeks later we were told it was a counterfeit card. We ordered the new readers immediately in October. We only got the readers just last week. Of course we are missing two terminals. Now we have to get them linked up with our POS system. I am also hearing that most of the readers at other stores don’t even work. I am told I am now liable even though I have his signed receipt, a video of him buying the purchase and a police report. Why is the person who had their identity stolen not responsible also? Or at least the place it happened at. I still do not have readers working. Our store is large and it is not s simple thing to get them going. Let alone as I said we don’t have them all. My credit card processor is saying he can give me some free standing terminals now that hook up to a phone line. Seems like we are going backwards. Then how to I get that sale listed on the right cash register when I have ten registers? Very frustrated here.