Skip to main content

A Shift in Liability for Credit Card Fraud

Philip R. Stein

For too long, “swiping” a credit card has had at least one meaning too many. There was “swiping” as it pertains to running the magnetic strip of your credit card inside the groove of a small payment terminal to make an in-person payment by credit card to a retailer. But there is also far too much of another kind of “swiping” that pertains to the counterfeiting of credit cards used in that fashion. The magnetic strips—essentially using the same technology used in cassette tapes made in the 1960s—have been too easy for fraudsters to track and then duplicate, running up unauthorized charges even for cardholders who had never lost physical possession of their cards. Traditionally, card issuers have been responsible for the costs of verified instances of credit card fraud and were undoubtedly not happy about bearing those costs.

As of October 1, there will now be a shift in liability in many instances. If card issuers have provided their customers with upgraded credit cards using EMV (the initials of Europay, MasterCard and Visa—the companies that pioneered the standard) chips,  the risk of loss for credit card fraud associated with transactions involving the upgraded cards will be borne by retailers that have not upgraded to EMV point-of-sale terminals (essentially, readers into which the chip portion of the card is inserted). Card issuers will still be liable for any fraud on cards that do not feature the new EMV technology.

Beyond the liability shift, the other major change that this transition heralds should be a significant decrease in fraudulent activity involving third parties’ unauthorized use of others’ credit cards. EMV chips make it virtually impossible to counterfeit credit cards. However, they will not necessarily prevent fraud in online transactions. Fraudsters who previously installed “skimmers” or related devices on point-of-sale terminals processing magnetic strip payments will likely now focus on online or phone transactions, as well as retailers not yet able to process in-store payments via EMV chip cards. This shift towards greater security for in-store transactions may place even more of a premium on ensuring the security of stored personal data—for businesses and individuals alike—since accessing a financial services company’s stored data with respect to sensitive customer financial information, for example, may be a criminal’s best remaining path to such illicitly obtained data.

The need for vigilance with private data therefore remains acute, but EMV chips offer a somewhat reassuring example of how technology upgrades can substantially mitigate the risk of certain types of hacks and resulting fraudulent activity.

Related Practices
YOU MIGHT ALSO LIKE
Speaking Engagement October 7, 2022
Martin A. Schwartz presents on the panel, Mixed Use/Vertical Subdivision Issues, Drafting & Operational Challenges and Solutions, at theRalph E. Boyer Institute on Condominium and Cluster Development, hosted by the University of Miami School of Law.
Blog October 5, 2022
Kim Kardashian found herself on the wrong side of the law when the SEC entered a cease-and-desist order against her (the “Kardashian Order”). This blog explains how this and other celebrity violations reflect the trend towards increased regulation of cryptocurrency in the U.S.
Publication September 30, 2022
South Florida emerged as one of the most sought after markets coming out of the COVID-19 pandemic.This migration of business and wealth to South Florida has fueled the expansion of the region’s franchising market.
VIEW MORE