UCP-Inc

Unattended Card Payments Inc. (UCP Inc.) is dedicated to providing EMV compliant Hardware and Payment Gateway solutions for Unattended card payment terminals in the North American market.

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form

Uncategorised

21
Nov
1

CreditCall's Jeremy Gumbley's interview regarding EMV Migration for Business Solutions

Posted by on in Uncategorised

Jeremy Gumbley, CTO of Creditcall, tells how the U.S. compares to other countries’ progress in their EMV migration at a year before the deadline, as well as what IT solutions providers should be doing for their customers now.

Q: Our readers’ merchant customers have until October 2015 to implement EMV-enabled systems to avoid responsibility for fraudulent payment card transactions. Can you explain how that date and the upcoming shift in liability originated?

Gumbley: The October 2015 Liability Shift deadline was a joint effort created by payments brands in the U.S. In August 2011, Visa announced its plan to speed up EMV migration in the U.S. by implementing retailer incentives, processing infrastructure acceptance requirements and a counterfeit card liability shift. Shortly after that, MasterCard, Discover, and American Express announced their roadmaps to EMV in the U.S. with an agreed liability shift deadline of October 2015.

The main driver behind the push towards EMV acceptance in the U.S. is the technology’s ability to combat fraud.  

Q: Is this a similar pattern that took place in other countries during EMV adoption?

Gumbley: Many countries around the world that have successfully migrated to EMV, implemented a deadline for their migration — a major difference is that the U.S.’ liability shift comes, in some cases, 10 years behind other countries.

In the U.S., while October 2015 marks the date when merchants will be liable for the costs associated with fraud if they have not updated their technology to be EMV compatible, the transition is not mandatory. After October 2015, merchants who choose not to update their payment systems to the new EMV technology will be liable to cover the potential costs of fraudulent transactions caused by mag-stripe cards.

A similar pattern took place during the UK’s migration to EMV. While the liability shift came into action in January 2005, it became a mandatory process to accept EMV chip cards as of February 14, 2006. Retailers were advised to expect credit card brands to decline payments automatically if a chip and PIN card was not used in the transaction. 

There is still a potential for the move to EMV chip card technology to become a mandatory process in the U.S. in the future.

Q: Based on history, how does the U.S. compare to adoption one year before that date?

Gumbley: With the liability shift coming into place in less than 12 months, there doesn’t seem to be much sense of urgency amongst integrators, ISVs, and VARs to migrate their solution to the EMV chip-card standard, despite development times taking an average of 22 months.

One year ahead of the liability shift in the U.S., we are not seeing a lot of consumer education programs. The UK employed a chip and PIN rollout campaign to educate consumers about the new technology. The campaign was centered around the slogan “I ♥ PIN”— a fitting slogan as Valentine’s Day, February 14, was the date that shoppers were required to enter their PIN, as opposed to verifying via signature, when using their chip and PIN cards.

However, consumers are becoming more aware as many large retailers have been affected very publicly by breaches including the likes of Home Depot, Michaels, Neiman Marcus, and most famously, Target. In a bid to stay out of the headlines, many retailers are quickly adopting the new technology — I predict that if the current momentum continues that by the liability shift, more than half of retailers will be able to accept EMV payments. When customers increasingly begin to use their chip cards at retailers, it will continue to drive adoption elsewhere.

Q: What is impeding adoption?

Gumbley: The central question surrounding EMV Migration in the U.S. is why has it taken so long for the world’s largest industrialized country to adopt EMV? The cost and sheer scale of implementation, especially for a country as vast as the U.S, are major factors affecting the speed of migration. This includes the issuance of new EMV-chip debit and credit cards as well as the upgrade of all payment terminals to the EMV standard.  Software developers charged with creating EMV-ready solutions are overwhelmed by the volume of information they need to digest and the complexity of EMV.

Q: As trusted advisors, what can retail VARs do to ensure their customers have every chance of having an EMV-enabled system by next October?

Gumbley: The most vital piece of advice for retail VARs is to start the process of migrating payment systems to EMV now.  From start to finish, upgrading a payment system to the EMV standard can take up to 22 months. This means to be ready for the October 2015 deadline, VARs should have started with their EMV migration process back in January 2014.  

To help VARs accelerate the EMV Migration process by reducing risk, operational resources and necessary skill, they need to join forces with experienced EMV-ready partners (like Creditcall) who offer pre-certified solutions which will significantly reduce the amount of time and effort to get up and running.

Without a pre-certified solution, retail VARs need to consider five steps:

  1. Select an appropriate PIN pad or card reader and develop a robust and reliable driver for it. This takes on average three months per PIN pad.
  2. Update all existing processor interfaces to support the new EMV requirements. This can take up to six months. With the October 2015 deadline approaching quickly, you must consider the demand for processor support requests in the run-up which could cause bottle necks, delaying the process even further.
  3. Get all the major card scheme certifications such as MasterCard M-TIP, Visa ADVT, American Express AEIPS or Discover DPAS. These take approximately four months and have to be repeated for every PIN pad and processor combination. If you support three PIN pads and three different processors you will need to schedule 144 weeks to obtain these certifications.
  4. Create a Terminal Management System (TMS) to keep PIN pads compliant and up to date by running the latest version of the EMV standard. A TMS enables this remotely, if an estate of PIN pads cannot be updated manually. PIN pads that don’t run the latest software or configuration are not compliant meaning merchants can be fined by the card brands which is passed down to them by their processor.
  5. Include support for point-to-point encryption (P2PE) as in combination with EMV your solution will be future proofed and provide the safest payment system available.

Jeremy Gumbley is a veteran of the payments industry having driven product and technology development roadmaps to accommodate EMV migration programs in the UK, Europe, Africa and the Middle East as well as the U.S. and Canada. Gumbley has driven Creditcall’s technical development since 1999 and was appointed chief technical officer and technical director in 2001.

He is responsible for the design, development and implementation of the company’s market leading card payment solutions and portfolio of EMV Level 2 Kernels. Creditcall has licensed and deployed over 1 million Kernels over the last 10 years. In addition, Gumbley oversees the maintenance of the company’s PCI DSS Level 1 compliance.

 

LINK TO ORIGINAL CONTENT: http://www.bsminfo.com/doc/creditcall-cto-migrate-systems-to-emv-now-0001

 
Continue reading
Last modified on
Hits: 1899
0
12
Nov
0

UCP Inc. interviewed for recent article on Retail Customer Experience

Posted by on in Uncategorised

UCP Inc. was recently interviewed for an article on the importance of being EMV ready in 2015. You can read the full article here:

Six Tips for becoming EMV Compliant

 

Continue reading
Last modified on
Hits: 1721
0
31
Oct
0

UCP will be at CETW 2014 in New York

Posted by on in Uncategorised

Unattended Card Payments Inc. will be attending CETW next week in New York. If you will be attending and would like to learn more about EMV in North America shoot us an email at This email address is being protected from spambots. You need JavaScript enabled to view it. or call 702-802-3504 to set up a meeting.UCP Logo

Continue reading
Last modified on
Tagged in: CETW chip and pin EMV kiosk
Hits: 1766
0
17
Oct
0

EMV readiness in Transportation

Posted by on in Uncategorised

This week we had the opportunity to attend the nations largest transportation show, APTA. This show happens only once every three years so just about everyone shows up. Bus and train manufacturers, toll and fare collection solution providers, transit tracking, and mobile computers are just a few of the products featured at the APTA show this year. All over the show floor I found numerous examples of manufacturers offering EMV ready solutions. Since UCP specializes in EMV for the US market we were happy to see that a lot of the self-service solutions being shown were already equipped with EMV compliant hardware. 

 

Continue reading
Last modified on
Hits: 1881
0
09
Oct
0

Acronyms in EMV: What do they all mean? Edition 3 SRED

Posted by on in Uncategorised

Secure Read and Exchange of Data, SRED is a set of criteria that PIN entry and card reader devices are tested against. Manufacturers submit complete prototypes of terminals and other payment devices for SRED evaluation. SRED ensures that cardholder data is protected from the point of acceptance, and lays the larger foundation for point-to-point encryption (P2PE). There is specific SRED criteria for terminals installed in attended versus unattended environments. SRED devices are also equipped with tamper sensors and switches meant to guard against physical security breaches at the terminal level. Additional security requirements are listed for unattended hardware like that installed in self-service kiosks or fuel dispensers. These additional security measures help ensure merchants that the level of security is not degraded in unattended environments.

Continue reading
Last modified on
Hits: 3037
0

Our Partners


Hemisphere West Europe Ltd are specialists in attended and unattended payment solutions for the UK and European markets.

Visit website www.hweurope.com

Contact Us

6655 South Tenaya Way Suite #180
    Las Vegas, Nevada 89113

Tel: 702 – 802 – 3504

E-mail: Send Inquiry