For the black magnetic stripes on the backs of your credit and debit cards, Thursday will mark the beginning of the end — a shift that could be costly for retailers.
Since the beginning of credit cards, merchants were never liable if a thief used a stolen or counterfeit credit card to shop; the bank issuing the card usually made both the customer and the store whole.
But starting Thursday a subtle shift happens. If retailers who don’t follow new procedures for credit card security, including the use of new cards that include embedded computer chips, then they will have to pay for what thieves steal.
“It’s another thing we have to deal with,” says Bob Gereke, who owns the pottery studio Mud, Sweat, and Tears in New York City. “There’s so many, and this one can be important.”
Gereke says he’s pretty on top of the changes but still isn’t ready.
The new cards, each of which has a unique microchip inside that makes it difficult to forge, already are in widespread use in Europe. But in the United States, the industry is way behind.
To read chip-embedded cards, Gereke will need new equipment. He signed up for a reader earlier this year, but because of unprecedented demand it won’t arrive until December. He says the whole process is frustrating — and come Thursday, will potentially leave him on the hook for fraud.
Most small businesses remain unaware of that risk, says Holly Wade, director of research and policy analysis at the National Federation of Independent Business.
“It’s frightening for small business owners thinking that they might be hit with higher costs, more liability in their business, and not knowing what they need to do to comply,” Wade says.
In the rush to make electronic payments more secure, the credit card industry has been diligently working to get retailers up to speed. They started with the big stores, and the ones where fake cards tend to be used the most, like electronics stores.
“We’re really where we expect to be, considering that Oct. 1 is the start line,” says Stephanie Ericksen, Visa’s vice president of global risk products. “We know it takes many countries about four to five years to get to greater than 90 percent of their volume to being at chip cards used at a chip terminal.”
Critics say that not only will the new chip cards be an extra burden for small businesses, they also may not add that much security.
For example, the new chip cards will not prevent theft from online retailers, since there’s no way for them to check your card’s chip over the Internet. And the new cards don’t prevent hackers from entering the computer systems of big companies like Target or Home Depot and stealing credit card data.
But defenders of the new cards say the chips will help a lot.
Jason Oxman, CEO of the Electronic Transactions Association, says the chip cards make stolen credit card data less valuable to hackers.
“It prevents them from using those stolen account numbers to make cards, and then go out and use those counterfeit cards to buy goods and services at retail,” he says.
But that strategy only works when the majority stores are ready — and many still say they aren’t.