dragon452 wrote:Attached is a paragraph from a "Bankrate" article I saw recently: "That's why the major card networks will stage a "liability shift" to prod merchants into upgrading to EMV. After Oct. 1, if a counterfeit debit card purchase happens with a chip debit card because a merchant failed to upgrade, the merchant, not the bank, will be responsible, ABA's Johnson says."
That's just over five weeks away now. Needless to say, I believe that MOST (not some) people will still not have EMV chipped credit or debit cards by then (unless they demanded a replacement). So the obvious legal question is: if a fradulent credit/debit card transaction occurs after October 1st (possibly due to skimming the magnetic stripe), and you have not been issued an EMV card by your bank, is the bank still legally reponsible for your reimbursement (assuming that you reported the fraud quickly), or can the bank try to shift the blame onto the merchant anyway, saying that their old-style card readers are faulty, go complain to them?
Following the liability shift, the party without EMV support is liable for card present fraud. So a merchant with with a chip terminal (with the reader enabled....) is not liable for a fake card with only a magnetic stripe. A merchant without a chip reader who takes a fake card that should have been chipped, whether the fake actually is, or not, is liable for the fraud. If neither or both parties support EMV, the fraud risk remains with the bank. There are special rules for automated fuel dispensers, and some other classes of terminal. Also, some card processors who don't provide an upgraded terminal to their customers may be on the hook, and not the merchant.
EDIT to clarify: one of the the things that doing online verification will do will tell a chip enabled terminal that the swiped card is supposed to have a chip, and refuse to approve the transaction, except through the chip reader.
The customer continues to have their liability limited by federal law, there's no change there.