Pub. 3 2014 Issue 9

Some Banks have begun issuing smart chip cards that use the EMV (Europay, Mastercard and Visa) standard which has been used in Europe for many years. These smart chip cards utilize a unique authentication process for verifying credit and debit card transactions. They also require the use of smart chip compatible Point of Sale terminals and ATMs to complete these transactions. At this point, few merchants have actually installed the proper equipment to utilize this smart chip technology. However, the most recent VISA implementation guidelines indicate that some merchants will need to implement the smart chip technology by October, 2015 or face liability for counterfeit card transactions. For now, other merchants, such as fuel pump merchants and ATMs will not face this issue until October, 2017. Ask the kbs team Call KBS (785) 228-0000 to discuss this article, other loss prevention topics, or products to help protect your bottom line. Until technology solves this problem, KBS offers an insurance product that can help banks when a large number of the bank’s cards are compromised in a merchant breach incident. It is the Cost of Replacing Compromised Bank Cards Policy. The policy reim- burses the bank for the cost of replacing a large number of compromised bank cards, (usually more than 5% of the bank’s outstanding cards) as a result of an event or series of interrelated events, subject to a maximum cost per card and other terms and condi- tions. While many incidents never reach the 5% level, there is still a significant potential for breaches at businesses where the majority of your bank customers use their cards, such as a grocer or other popular retailer. Banks should begin implementing the smart chip technology as soon as reasonably possible to take full advantage of the shift in liability. The smart chip technology has many controls/limits a bank can select for groups of cards and on a card-by-card basis. Banks will need to become familiar with these different options to understand the risks involved in selecting these different controls/limits. While criminals will continue to steal, smart chip technology can considerably THWART THEIR EFFORTS. Losses from merchant breaches allowing criminals to counterfeit cards may be significantly reduced in the future. Banks, along with their card processors, also typically search through their affected accounts for past use at a common mer- chant. Sometimes the source of a security breach is easy to determine. However, when a large, frequently used merchant is at the center of the breach, it can be very hard to identify the common source. In the Heartland breach in 2008-09, banks suffered losses for almost a year before the breach’s source was discovered. Heartland processed payments for many merchants, making the source difficult to identify. THE SECOND TYPE OF LOSS IS THE COST OF REPLACING COMPROMISED CARDS. Replacement cost generally ranges between $5-$10 per card. There have been multiple incidents in the last two years where millions of cards were compromised by a breach at a merchant. At least two of these incidents resulted in the breach of 5% to 20% of the total cards issued by some banks. In the past, some banks looked at the high cost of replacing a multitude of cards and determined they would wait to replace the cards until some of the cards were actually counterfeited and used. Banks that chose to wait suffered significant losses more than six months to a year later. It is highly advisable to replace cards when they are known to be compromised.