Camping World (CWI, Inc.)

Chip-and-signature credit cards without a PIN won’t stop data breaches, at least not according to the National Retail Federation.

Although the new U.S. mandate for EMV-compliant chip-and-signature payment cards is now in effect, the NRF on Oct. 7 told Congress that new chip-and-signature credit cards without a PIN will not stop data breaches. What’s more, small businesses should not be pressured to install the equipment to accept them at the expense of more effective technology, according to the organization.

Retailers have always experienced a tension between investing to grow and investing to improve security. Not surprisingly, we’ve seen vulnerabilities arise when marketing and sales initiatives have trumped less sexy initiatives around security. In 2013, 61 million people had their personal data stolen from Target. One year later, 56 million credit and debit card numbers were exposed in Home Depot’s breach.

The highly anticipated EMV deadline of October 1 has come and gone, leaving many retailers and payment solutions providers to ponder what’s next?

As of Oct. 1, 2015, any U.S. retailer that does not have the necessary POS hardware, software, and operational and network protocols in place to process an EMV-compliant chip card transaction faces a shift in fraud liability.

The highly anticipated EMV deadline of Oct. 1 has come and gone, leaving many retailers and payment solutions providers to ponder what’s next? As of Oct. 1, 2015, any U.S. retailer that does not have the necessary POS hardware, software, and operational and network protocols in place to process an EMV-compliant chip card transaction faces a shift in fraud liability.

As chip-based EMV cards become the payment norm for retailers, Visa continues to assert that PINs and even signatures are unnecessary security measures in a rapidly evolving payments landscape.

In a conference call, Visa executives explained why the company is taking the view that not only is PIN verification not a major concern, but neither is obtaining the customer’s signature.

Hot on the heels of Google’s official launch of Android Pay, Samsung is officially entering the U.S. mobile payment market. Samsung Pay, which launched in South Korea in August, is now available for use by U.S. consumers.

Samsung Pay functionality is built into the hardware of Galaxy S6 and S6 Edge mobile devices. Samsung says Samsung Pay is the first and only mobile payment service that works with both near field communication (NFC) and card readers with magnetic secure transmission (MST) technologies, which means it is already compatible with most POS terminals.

As of Oct. 1, retailers who do not comply with the Europay, Mastercard, Visa (EMV) security standard that relies on embedded chips in payment cards face a shift in card fraud liability. Many EMV issues have not yet been resolved. Here are three big ones:

Swipe left out
Retailers have been warned repeatedly that if they do not implement EMV-compliant POS terminals, they will bear liability for any fraud resulting from an EMV card transaction.

Shopify is keeping busy these days. The cloud-based omnichannel retail platform is launching a new credit card reader that will allow U.S.-based Shopify merchants to securely accept chip and PIN, tap, and swipe credit and debit cards.

The reader will also accept contactless payment technologies like Apple Pay. The device is designed for Shopify POS, the company’s iPad and iPhone POS used by retail and pop-up stores. Shopify is currently accepting pre-orders, with card readers to ship in the fourth quarter of this year.