Getting to know your EMV chip card

3 things issuers should know 

1.    Not all EMV chips are the same

2.    Chip card behavior and profile types

3.    How the liability shift may positively affect your institution

#1 Not all EMV chips are the same

There are several types of EMV chips cards in the market today: Standard, Contactless, and Dual Interface.

The EMV chip is a computer microchip which stores card data. During an EMV transaction, a cryptogram is generated by the computer microchip producing a one-time unique code for each transaction. The application on the chip, which includes a processor (Vantiv) key, is used to authorize the transaction.

Just like most magnetic stripe cards, EMV chips have a limited life span. Visa and MasterCard automatically grant three years before the chip expiration date and most chip life spans can be extended up to 6 years total. It is up to the card brands to determine whether they want to extend the chip life.  This means that the cards must be personalized and issued by the time the chip expires; it does not impact the cards once they are on the street.

Extending the life of the chip is something that your card provider (Vantiv) can help you take care of. You should reach out to your provider (your Vantiv conversion manager or relationship manager) to learn more.

#2 Chip card behavior and profile types

The behavior of the EMV chip card is determined by a combination of the Point of Sale system (POS) and the EMV chip profile. The profile contains the application which resides within the actual EMV chip. Both the profile and the POS will influence whether the cardholder will need to enter their pin, or if they can bypass entering their pin and simply provide a signature, or even in some cases provide no verification method whatsoever.

This table highlights some of the profile types for both Visa and MasterCard:

Card Brand

Profile Name

Application Description

MasterCard Debit

19/61

US Common AID – Online PIN, No CVM; Global AID –Online PIN, Signature, No CVM; Offline CAM

MasterCard Debit

 20/61

US Common AID – Online PIN, No CVM; Global AID –Signature, Online PIN, No CVM; Offline CAM

MasterCard Debit

35/61

US Common AID – Online PIN, No CVM; Global AID –Online PIN, Signature, No CVM

MasterCard Debit

34/61

US Common AID – Online PIN, No CVM; Global AID – Signature, Online PIN, No CVM

Visa Debit

Visa Standard

US Common AID – Online PIN, No CVM; Global AID – Signature, Online PIN, No CVM

MasterCard Credit

19

Global AID –Online PIN, Signature, No CVM

MasterCard Credit

20

Global AID –Signature, Online PIN, No CVM

Visa Credit

Visa Standard

Global AID – Signature, Online PIN, No CVM

Until the over 12 million point-of-sale terminals have been updated, there are many possible outcomes that could occur when your cardholders use their chip card to make an in store purchase.

Here are the most common outcomes:

  • Insert chip card, communication with the chip is initiated verifying the card is valid; card is then removed from the payment terminal once the transaction is completed.
  • Insert chip card, communication with the chip is initiated verifying the card is valid; cardholder will either be prompted for a pin, or a signature, card is then removed from the payment terminal once transaction is completed.
  • Chip card is swiped, communication with the chip cannot be initiated, transaction ran using magnetic stripe, and cardholder provides a signature.

#3 How the liability shift may positively affect your institution

Before October 1, 2015 the liability for counterfeit fraud was paid by the financial institution. And, if your institution still has not issued EMV chip cards and your cardholders use a magnetic strip card tied to your institution at a merchant location that is using an EMV capable payment terminal, you are still likely to pay for fraudulent charges.

In comparison, if you have issued EMV chip cards and your cardholder uses your EMV chip card at a merchant location that does not have an EMV chip enabled payment terminal, the liability for counterfeit fraud will now shift to the merchant.

In summary, if an EMV chip card is used at a merchant's terminal that is not EMV compatible, the liability in the occurrence of fraud will shift from the financial institution to the merchant, as they are now the weakest security point in the transaction.