11:24 AM
Connect Directly

AJB Software Rolls Out EMV System for U.S. Retailers

The FIPay EMV software will speed up the conversion to EMV cards for merchants and also integrates mobile and point-of-sale transactions.

AJB Software Design Inc., a payment integrations software provider, announced a new EMV migration system for retailers in the U.S. called FIPay. The system enables EMV transactions on hardware that merchants already have, speeding up the conversion to EMV while also allowing merchants to integrate with new mobile and other point-of-sale payments solutions.

EMV chip credit cards, already the norm in many other countries, provide greater security than the magnetic stripe cards widely used in the U.S. The increased security means fewer fraud cases and disputed charges, and a lower chargeback rate. AJB has worked on dozens of projects helping retailers in Canada and the UK make the migration to EMV, and the company says that several of those retailers have already seen a decline in chargeback rates. This reduction in fraud and chargeback rates will lead to the widespread adoption of EMV, says Pat Polillo, AJB's vice president of sales. "I think it's inevitable that 3, 4, maybe 5 years from now you will see a mass migration to chip and pin [EMV cards]," Polillo predicts.

Since everyone acknowledges that EMV is more secure than magnetic stripe, Polillo says that card issuers like banks, Visa and MasterCard will use a stick and carrot approach to pull merchants off of magnetic stripe cards. On the on hand, he says, card issuers will put pressure on retailers to adopt EMV by refusing to pay back for fraud cases associated with magnetic stripe cards. Issuers also currently require larger retailers to conduct annual audits to make sure that their hardware for accepting credit card payments is PCI compliant. Preparing for these audits typically costs a major retailer between $200,000 and $300,000 per year, according to Polillo, but he suspects that issuers may let retailers forgo the audits if they make the migration to EMV.

Although Polillo says that the mass migration to EMV is still a couple of years away, AJB is rolling out FIPay for U.S. retailers now to help them get a head start on the conversion. Polillo says that after working with retailers in Canada on EMV adoption, AJB discovered that waiting to roll out their software until retailers begin migrating makes it difficult for the retailers to scale the solution. EMV cards require more vigorous testing of the cards and payments systems, but by introducing FIPay now AJB will be able to plan ahead, making the solution easier for retailers to integrate and scale.

FIPay is PA-DSS certified for EMV transactions, which AJB says will make compliance simpler for merchants. It is also one of the first systems that can accept EMV transactions on mobile point-of-sale hardware.

[See Related: The Slow March Toward EMV Adoption in the U.S. ]

Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Janice, I think I've got a message from the code father!
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.