Here Comes EMV®
EMV is the new credit card security standard. Merchants, consumers and our developer partners are adapting to the switch. Read on to learn more about EMV and OpenEdge’s answers for businesses accepting on-site credit card payments, as well as the technology we offer to assist our developer partners.
What is EMV?
EMV is a chip technology used globally in place of magnetic stripe. EMV chip technology helps reduce card fraud in a face-to-face, card-present environment. It enables safer and smarter transactions across contact and contactless channels. EMV was conceived by EuroPay, MasterCard and Visa (EMV). This group includes representatives from all major world brands (American Express, Discover, JCB, UnionPay) and comprises the governing body referred to as EMVCo.
Watch the OpenEdge EMV Solution Video
Why EMV? Why Now?
EMV has been the credit card standard in most industrialized nations for years. The United States is among the last hold-outs, and technically-advanced criminals have exploited that situation. EMV is a much more secure model for processing payments, so thieves have naturally gravitated toward the easier-to-steal data on magnetic stripe cards. The result has been a series of high-profile and damaging card data breaches. In fact, while the U.S. accounts for only a quarter of the world’s transactions, about half of all credit card fraud happens in the United States. EMV will correct that disparity and help make digital commerce safer.
EMV Liability Shift Fast Facts
- When? October 2015
- This is a card network mandate (not a law)
- U.S. is the last major market adopting EMV
- Card-present security improvement
Who is Affected by EMV?
OpenEdge EMV Solution
Part of the Edge Shield Security Bundle
Edge Shield is a collection of security-related components designed to eliminate existing vulnerabilities within the payments chain. When integrated into systems that accept payments, the bundle can protect credit card data while at rest and in transit. Edge Shield includes:
OpenEdge EMV Solution This fraud-reduction technology seeks to protect card issuers, merchants and consumers from losses due to the use of counterfeit and stolen payment cards at the point-of-sale. The technology helps insulate our developer partners from complex device driving and card brand certifications.
Point-2-Point Encryption. OpenEdge’s proprietary encryption is designed to render cardholder data virtually unreadable, encrypted at the device. Merchants are unable to view card numbers after the swipe or hand-key.
Token Vault. Cardholder data is replaced by digital “tokens” based on this technology. Sensitive data is stored in the more secure OpenEdge vault rather than in the merchant environment.
PA-DSS 3.0 Out-of-Scope. Payment applications are rendered out-of-scope with EdgeShield, eliminating cumbersome PCI validation requirements.
OPENEDGE SOLUTIONS FOR QIR™ The latest requirements from the PCI Security Standards Council state that small businesses must have their payment applications and terminals installed by Qualified Integrators and Resellers (QIRs). These security professionals are trained and certified to install and maintain PA-DSS validated payment applications. OpenEdge will help you navigate the QIR™ requirements, whether you need access to certified installers or plan to get your staff certified.
OpenEdge: QIR Certified
The security experts at OpenEdge have achieved QIR certification and can ensure your small business merchants are using payment applications installed and serviced in accordance with PCI standards.