A “Square” Deal on EMV Liability
For many independent merchants, especially those with portable operations or who only handle occasional card transactions, the arrival of mobile card readers like the Square Reader and PayPal Here was a godsend.
On the surface, it appears that merchants simply sign up for the service, get their reader and start accepting credit cards. However, because the process just seems so easy and self-managing, most merchants don’t even bother to think about the potential negative implications of their use.
This lack of awareness can lead to untold amounts of money lost to criminal fraud and chargebacks.
Are Merchants Liable for Fraud When They Use Mobile Readers?
Who is responsible for fraud losses if a card is swiped through a mobile reader?
As of the October 1 liability shift in the US, merchants who do not take advantage of EMV technology for card verification purposes are liable for any fraud damages they incur. This extends even to merchants using mobile readers which do not verify EMV chips.
If a merchant processes a transaction involving a counterfeit or stolen card, but is not using an EMV-enabled card reader, the issuing bank will accept no responsibility for the fraud. The merchant will be the only party on the hook for the lost money and merchandise.
Bearing that in mind, there are two different courses of action which merchants using mobile readers might pursue:
- Upgrade to the more expensive EMV-enabled Square or PayPal readers
- Continue using the more basic model card readers and accept the risks associated
Can I Be Victimized Even with an EMV-Compliant Reader?
Even with an EMV-compliant reader, the merchant may still be at risk.
It is important that merchants fully understand their liabilities and responsibilities if they plan to rely on mobile card readers. EMV-compliant devices can help prevent a good amount of card-present fraud, but no system is foolproof.
The main takeaway for merchants using mobile card readers is to abide by policies and practices which best protect you against fraud:
- Invest in an EMV-enabled card reader
- Avoid manually entering card information at all costs
- Be careful not to charge a customer’s card more than once
- Try not to use public Wi-Fi with EMV readers, and never use public Wi-Fi with non-EMV readers under any circumstances
Each of these practices add another layer of defense against potential fraud losses.
Is There a Viable Alternative to Mobile Readers?
Most merchants who conduct business using mobile readers do so for the sake of convenience. They believe that getting a merchant account and signing up with a traditional processor is too complicated or too restrictive for their small business on the go. However, some merchants might see a benefit from making the move.
If you are processing more than a few thousand dollars a month in credit card transactions, it would likely be cheaper to go with a traditional merchant account and a card processor. This option would also leave you with better avenues for chargeback representment and other fraud prevention benefits.
No matter whether you use a mobile card reader or a merchant account, it would be in your best interest to always abide by business best practices and be wary of suspicious activity. Otherwise you risk being plagued by fraud, excessive chargebacks and other sources of revenue loss, regardless of the processing service you employ.