The new EMV credit card terminals are meant to cut back on card fraud at the point of sale. The EMV liability shift is also moving more fraud liability away from the major card brands and financial institutions and back in the direction of merchants who don't happen to be using the new terminals. However, it's really about protecting everyone in the payment chain, especially consumers and merchants, from exposure in the event of fraudulent card use. In addition to this agent of protection, you need to consider other smart card data security practices—particularly those that reduce your risk of data theft.
Hacking vs. Stealing
Let's make this clear: hacking is stealing, but it's a very distinct type of stealing. Rather than snatching a purse, hackers get virtual data from small businesses and then use it in a follow-on counterfeit schemes. This is one of the reasons that EMV credit card terminals becomes important. It can stop the use of fraudulently created cards stolen from elsewhere. When you're working in an online environment, let's say your online website, that's why it's also wise to use address verification and card identity indicators that are available to you. Again, they can stop efforts to use card information that's been fraudulently obtained. Customers may appreciate the extra step you're taking in terms of protecting their identity. You'll appreciate avoiding the liabilities, financial and damage to your brand reputation, that come with charges made fraudulently or as a result of stolen data.
Manipulating the Data
If technology is something you don't quite understand, you may want to consider turning over the burden of protection through encryption and tokenization services. Every day customers put a lot of powerful information directly into your hands, and it can't be taken lightly. Having a processor that also provides services such as point-to-point encryption and tokenization give you more peace of mind in the processing of payments. For online payments, tokenization can be a helpful data protector. And, fully-sourced checkout experiences can almost entirely remove data from your business altogether. The best part about it is, you can still regain control of that data should you need it again. In most instances, encrypted and tokenized data is off no value to those who obtain it criminally.
People Are People
Your security, your customers' security isn't about horrible people hiding behind technology, it's about incentives and habits. It's difficult to stop someone who will stop at nothing to achieve a goal, both in the virtual and physical world. However, most people will move on if they're expending too much effort on a particular task. As a business owner, you need to be aware if security isn't on your list of priorities and if so, considering stepping up your game. Regardless of whether or not you let a third party take more of the responsibility, you should also have another trusted person in your company who can double-check procedures and protocols. Criminals should have several barriers in the way to stop them from getting a hold of your data, not just a new chip terminal. The good thing about credit card security is that sometimes a little attention thrown on the problem can go a long way in terms of stopping an attack or preventing the use of fraudulently obtained card information.