You are currently viewing Guide to EMV Compliance

Guide to EMV Compliance

EMV technology is an effective way to combat card-skimming and counterfeiting. The major difference with EMV-compliant cards is that they contain an embedded microprocessor chip, as well as the traditional mag-stripe. The necessary data for payment transactions are contained within this chip and are protected with various advanced security technologies to prevent these methods of counterfeiting.

Expired Deadlines

The deadline to convert fully to EMV has come and gone. At this time, ATM owners wo are non-complaint are responsible for any fraudulent losses that are reported by cardholders. If the ATM owner continues being non-compliant they run the risk of shut off from the acquirer’s network.

The secure chip is essentially the safe-house that stores the cardholder’s information and also performs cryptographic processing. The security key stored within the chip are specially designed to prevent criminals from replicating them. The reasoning behind cards having both the chip and mag-stripe is due to the United States not being fully converted and also to provide a back up in case EMV card readers fail.

3 Essential Components for EMV Compliancy

  1. Card readers- ATM owners are required to equip their machines with EMVCo-approved EMV Level 1-compliant card readers and also PCI-complaint encrypting PIN pads. There are two options to meet this requirement. ATM owners can either install motorized EMV card readers or EMV dip card readers. The motorized readers allow cardholder behavior to remain the same. They simply insert their chip card the same way they insert mag-stripe cards. The dip card reader option means a significant change for the cardholder. They may have to either insert their card and leave it there for the duration of the transaction or possible even require them to insert the card twice. The “double dip” first time it is inserted the reader determines the card has a chip and the second time it reads the card.
  2. Software- EMVCo-approved Level 2-conpliant software kernel needs to be added to the ATM application software. It must be certified by EMVCo and will interface with the EMV card reader. The software kernel is responsible for performing tasks like authorizing users, communicating their transaction requests to issuers and completing the transaction. Older ATMs may require an upgraded memory and processor.
  3. Network- It is necessary for the acquirer’s ATM network to go through a thorough hardware and software testing to ensure it receives certification. This includes testing EMV card acceptance at the ATMs, transaction routing via the acquirer’s switch, and authorization of both on-us and off-us transactions.

Remote Management Options

As part of their EMV migration, ATM deployers should consider taking the opportunity to implement

remote software management. This can also be provided on an outsourced basis by selecting BaumTech’s Ultimate Plan which includes remote monitoring, software updates, etc..