In 2019, both of the leading retail petroleum POS platform providers, Verifone and Gilbarco, will transition from directly providing a network security solution to a certified Managed Network Service Provider (MNSP) program. This has been prompted by the network brands who have made MNSP a requirement. To maintain secure remote access for helpdesk support and software updates, both Verifone Commander and Gilbarco Passport customers must transition to a certified MNSP. Using a certified MNSP is also a key requirement for supporting outdoor EMV transactions.
As you are now aware, Verifone and Gilbarco have implemented the new Managed Network Service Provider (MNSP) certification program to help sites enable EMV at the dispenser and to provide a more secure remote support and software distribution process. This move to an MNSP program has been prompted by a requirement from the network brands. To implement MNSP configuration, sites will be required to remove the end-of-lifed Verifone EZRs and Gilbarco RVO42 zone routers to this newer, more secure technology.
On October 1, 2020, counterfeit fraud liability will shift to you, the merchant, when an EMV (chip) card is used at a fuel dispenser that only has the ability to read the card’s magnetic stripe and not the chip.
Today, this fraud is being covered by the issuing bank. On October 1, 2020, and after, issuing banks will no longer cover fraud-related costs that occur at a non-EMV compliant fuel dispenser.
What is skimming and how is data being stolen?
As you are aware, skimming is a form of payment card fraud and theft when thieves obtain unauthorized data to sell the information on the dark web, use the account to make purchases online, and create cloned credit cards that they often use to engage in stealing fuel. Thieves break into fuel dispensers using universal keys and specialty tools that can be bought online or at your local hardware store.
There are two types of skimmers:
Skimming devices are used by criminals to obtain credit card numbers and cardholder information without the customer’s knowledge. While skimming can occur at any point of sale (POS), it is most common at Automated Fuel Dispensers (AFDs). With the EMV liability shift at the forecourt just 18 months away, the window of opportunity for thieves to get this data is closing.
What is skimming?
Skimmers at gas pumps are a continuous threat and the use of skimmers by fraudsters to steal credit card information is on the rise.
To protect your sites and your consumers, consider doing the following on a daily basis:
1. Use security decals on all dispensers and inspect dispensers for tampering
2. Install unique locks on your dispensers
3. Monitor activity at the dispensers, especially those that are hardest to see from inside the store
Data released by Visa showed that counterfeit fraud ticked down at U.S. merchants by 75 percent from September 2015 to March 2018 as more storefronts started accepting chip cards.
To that end, Visa said that, as of its latest “Visa Chip Card Update,” as many as 67 percent of storefronts in the United States now accept chip cards.
The company further elaborated that counterfeit fraud dollars at all U.S. merchants slipped 46 percent.