As its title indicates, "EMV: Retail's $35 Billion 'Money Pit,'" produced by the IHL Group, draws some contrarian conclusions. According to this new study, most retailers will never recoup the expense that EMV imposes.
"The single biggest problem with the EMV mandate is that it is focused on trying to solve last century's problem and completely ignores the reality that retailers are facing today," postulated Greg Buzek, President of IHL Group.
"Twelve years ago, when EMV was introduced into Europe it made tremendous sense. Today, it stands in the way of real data security by stealing critical budget away from focusing on the risks that retailers face from online hackers." According to this research, unless the merchant is on the front lines of fraudulent card transactions--e.g., electronics, fuel, mass merchants, or related gift cards--the risk of loss is extremely small compared to criminal online activity. And thus, end-to-end encryption and tokenization should be moved to the forefront in place of EMV.
Some further findings: EMV costs are additive to what retailers are already paying for PCI, which now consumes 55% of their total data security budget; the typical EMV transaction will take 5 to 8 seconds longer to conclude; many consumers will leave their card in the payment device, since insertion is required for the entire transaction; EMV, with some probable confusion, will be introduced just before the critical shopping season on October 1; and the average ROI for your typical $1 billion specialty store for EMV is projected at -77% over three years.
"Retailers who simply focus on EMV at check-out without focusing on end-to-end encryption and tokenization in all of their sales channels are actually opening up a significant security hole," warned Buzek.
Gregt Buzek, IHL Group