1 Million Payment Terminals With EMV Are Facing Expiration Date And Possibility Of Going Into Waste

A problem regarding a process of changing IC terminals has occurred in an unexpected place and it is due to 1 million payment terminals that already had received EMV certification. 

According to Korea Credit Finance Corporation Law that has been revised since July, IC terminal security certification is possible only for products that have not passed EMV certification. In other words, only products that still have expiration date for EMV certification have the requirements to IC change and products that had passed the expiration date are close to being thrown out since they cannot be even received by a testing organization. 

According to financial industry, 1 million payment terminals, which had received EMV certification 2 to 3 years ago, for IC have become headache for industry. Usually expiration date for EMV certification is about 3 years. Payment terminals that had already passed expiration date or reaching 3 years since they were distributed are excluded from testing by certification organizations that are related to a business of changing IC and they can receive requirements to be considered by IC certification testing organization if they receive EMV certification again by paying tens of thousands of dollars. 

VAN industries are pointing out that a plan needs to be prepared since payment terminals that are working fine are at a point of being thrown away due to an ‘expiration date of EMV certification’. Their responses are that they do not understand why EMV certification is one of requirements to receive security certification of IC terminals.
“More than a million IC payment terminals that are out in the market had already passed expiration date or are reaching expiration date. South Korean Government needs to delay expiration date for currently produced models so that they can receive security certification without considering expiration date of EMV.” said one person in VAN industry.
Their stances are that a detailed examination is needed to see if an EMV certification is a necessary item for IC’s security certification. “EMV certification that costs more than $89,000 (100 million KRW) cannot be considered as a certification related to security, but certification related to payment processing. There is not a way to utilize terminals that are already supplied to markets as well as stocked products that were already mass-produced.” said a person from a card company. 

Regarding this, credit cards’ VAN association has started complete enumeration on payment terminals with expired EMV certification. They are planning to request an effective measure to financial authorities after collecting results from its investigation.
“It is not right to dispose products that are still in good condition due to a ridiculous security requirement. We are going to look for a way where currently produced models can receive consideration whether or not its EMV expired or to have those meet requirements by upgrading modules without replacing terminals.” said a person affiliated with VAN association.
Staff Reporter Gil, Jaeshik | [email protected]