With the counterfeit card liability shift several months behind us, restaurants remain cautious on investing in equipment and POS upgrades required to enable EMV card acceptance. Many have prioritized implementing point-to-point-encryption and tokenization, to prevent costly data breaches, over EMV, which protects against fraudulent individual transactions initiated with counterfeit cards. A data breach could cost a non-PCI-compliant merchant anywhere from $5,000 to $100,000 every month until they resolve all of their compliance issues. In contrast, EMV liability should generally be low for restaurants. Historic counterfeit fraud losses in this sector ran in the 1 to 3 basis point range, or $100-$300 for every $1 million in sales. This is because fraudsters with counterfeit cards are less interested in a free meal and have seemingly focused their efforts on buying items that can be easily converted to cash, like electronics and prepaid gift cards.
Even though the initial impetus to deploy EMV solutions at restaurants lagged, recent concerns over “friendly fraud” and issuer-initiated chargebacks have raised concerns and prompted some restaurants to test and deploy chip-card solutions. If you have an integrated point-of-sale system and are planning to accept EMV chip cards with chip-reading devices in a table service environment, below are three options to consider.
Pay-at-the-Workstation (Chip and Signature)
An option to protect against counterfeit card chargebacks without changing your guest’s payment process, is to install a “Chip and Signature” certified card reader at each workstation. “Chip and Signature” is the primary U.S. cardholder verification method (CVM) for chip cards, and enables a business as usual approach towards EMV card acceptance. The server will bring the receipt and folio to the table, and return to the workstation to either swipe or insert the card into the reader. The authorization is processed for the pre-tip amount, and after obtaining the signed receipt, the post-tip final sale amount is entered by the server into the workstation.
Since the card reader is configured for chip and signature, foreign-issued and other PIN-preferring cards will not request or require PIN-entry. So, no need to make guests with PIN-preferring cards come to the workstation to enter their PIN. All four card brands confirmed that even PIN-preferring cards will get higher approval rates than if the card was magstripe read, because the card issuer will be more confident that the card is authentic since the chip was read. For this configuration to work properly, it is important to have the card reader EMV certified for only Chip and Signature CVM vs. certified for all CVMs with a “PIN-bypass” option. The “all CVM with PIN bypass” option may result in PIN-preferring cards getting declined when PIN bypass is selected.
Chip and signature is generally the least expensive way to enable EMV and will protect merchants against counterfeit card chargebacks across all card brands. It also protects against lost and stolen card chargebacks on Visa cards. It does not, however, protect against lost and stolen cards that were both PIN-preferring and issued by MasterCard, AMEX or Discover. Since most U.S. issued cards are chip and signature, and Visa represents the majority of transactions, merchants will need to decide if the cost savings of a chip and signature solution outweighs the extra protection and operational changes imposed by pay-at-the-table solutions that support PIN-entry.
For many, implementing a chip and signature pay-at-the-workstation EMV solution represents the most economical way to protect against counterfeit card fraud with the least amount of operational change and staff training requirements.
On the other hand, EMV acceptance solutions that use Chip and PIN enabled card readers, allow the consumer to complete the transaction and keep their card in their possession at all times. They also provide additional chargeback protection against a lost and stolen card that was both PIN-preferring and a MasterCard, AMEX or Discover. A couple of these options are described below.
PINpad-initiated Pay-at-the-Table (Chip and PIN)
In the PINpad-initiated pay-at-the-table model, the server initiates the payment process on a portable EMV PINpad by entering the table number or check number. Since the server brings the device to the table and usually stays with the guests as they pay, it’s common to choose a wireless EMV terminal with a built-in printer, so that the server doesn’t need to go back to a workstation to print a receipt.
A well-designed system will allow the server to pick up any available PINpad to check out a table, vs. having to locate a specific PINpad that is associated with specific tables or workstations. It will also allow the server to split the check among a number of different guests paying with different cards and/or cash. Keep in mind, though, that this checkout process often results in the server remaining at the table until everyone has paid, and may make some patrons feel like their tipping is being monitored.
Tablet-initiated Pay-at-the-Table (Chip and PIN)
In the tablet-initiated pay-at-the-table model, the server initiates the payment process on a tablet that is “married” to an EMV PINpad. The PINpad will usually be a compact device attached to the tablet via a sleeve or dongle, or it could be an EMV terminal with a built-in receipt printer. The checkout process is the same as it would be with a pay-at-the-counter solution, with the server initiating the checkout on the tablet, which sends the check amount to the customer-facing PINpad to complete the sale. In this case, the server is carrying a portable tablet, and effectively bringing the counter to the customer’s table.
Receipt printing considerations should be made when evaluating any pay-at-the-table solution. Some systems only offer an email receipt option. This may be considered “eco-friendly” by some patrons and “privacy invasive” by others. With a tablet-initiated pay-at-the-table system, the PINpad should either include a printer, or a separate wireless holster printer can be used to prevent sending the server back to the workstation for those guests that want a printed receipt.
In summary, the pay-at-the-workstation option is usually the least expensive and causes the least amount of change to the payment process. Pay-at-the-table options allow guests to keep their card at all times, and offer added protection against lost/stolen AMEX/MC/DISC cards that are PIN-preferring.
Merchant Link’s TransactionLink™ middleware supports all of the above options, and lets merchants start with one option and transition to another as desired. Restaurants that do not have many foreign cardholders may choose to start with pay-at-the-workstation, and decide later if they want to invest more and enable pay-at-the-table. For others, it may make sense to start with PINpad-initiated pay-at-the-table, with the option to transition to tablet-initiated with a future POS upgrade. Under any scenario, TransactionLink acts as the universal connector between workstations, tablets and PINpads, giving merchants ultimate flexibility to choose to solution that works best for their environment.