There was a time when the banks took on all the liability of credit card fraud. They wanted everyone to use their credit cards, so they made it safe for both card holders and merchants to use them. But in 2015 in the US and 2017 in Canada, something shifted. Much of the liability was pushed from the banks on to the merchants and businesses, in most cases small business owners.
The liability shift was meant to encourage the change to EMV chip cards. “The liability shift protects the entity who offers the greater level of security by holding the other entity with less secure systems responsible for fraud,” says Carolyn Balfany, safety and security expert at Mastercard.
But it did more than that, through the emphasis of the “less secure system” being liable for the fraud. This major shift in liability was challenged in the US, where major retailers, such as Wal-Mart and Home Depot filed anti-trust lawsuits against the credit card companies.
They lost and the credit card companies got their way. But the attempt to encourage the use of EMV cards, also had another implication. It meant that businesses that relied on or accepted credit cards payments over the phone, were now responsible for the fraud and forced to bear the cost.