Browse Definitions :
Definition

EMV card

Contributor(s): Ivy Wigmore

An EMV card is a credit or debit card with an embedded microchip and associated technology designed to enable secure payment at compatible point of sale (POS) terminals.

Compatible terminals enable card dipping for chip and PIN or chip and signature authentication. EMV cards can also support contactless payment through near-field communication (NFC) wireless connectivity. When a customer inserts or taps the payment card, the terminal communicates with the card issuer's system for authentication and a single-use transaction code is issued. The customer inputs their PIN or signs to provide two-step verification. PIN entry is considered more secure because it also provides two-factor authentication: something the user has (the card) and something the user knows (the PIN).

EMV stands for Europay, Mastercard and Visa, the three organizations responsible for the standard. In October 2015, the United States joined 80 countries around the world that had already implemented EMV. The October 1st Payment Card Industry (PCI) deadline signaled a liability shift: Prior to that date, the card provider and the merchant split the cost of fraudulent transactions.

After the deadline, if one partner in the transaction is not compliant with the EMV standard, it must bear the loss: If the merchant has an EMV terminal in place but the financial institution has failed to provide the customer with an EMV card, the burden is on the financial institution. However if the customer has been issued an EMV chip card but the merchant has not installed EMV-compliant terminals, the merchant is held solely responsible. If both parties are compliant with the standard, the card issuer is held responsible.

This was last updated in October 2015

Continue Reading About EMV card

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

  • business impact analysis (BIA)

    Business impact analysis (BIA) is a systematic process to determine and evaluate the potential effects of an interruption to ...

  • M.2 SSD

    An M.2 SSD is a solid-state drive that is used in internally mounted storage expansion cards of a small form factor.

Close