EMV chips were supposed to kill card-present fraud. In some ways, they did. But in 2025, fraudsters are still finding cracks in the system, and merchants are still taking the hits. Here’s what’s going wrong, how fraud works in a chip-enabled world, and what merchants can do to protect their setup.
What Is EMV Fraud?
EMV fraud refers to scams that occur despite the presence of EMV chip technology on credit and debit cards. The EMV standard was introduced to reduce card-present fraud by making it harder to clone physical cards. It replaced the old magnetic stripe with a chip that creates a dynamic code for each transaction.
But EMV doesn’t eliminate fraud. It just changes how it happens.
Instead of copying magstripes, fraudsters now focus on:
- Stealing chip data through compromised terminals
- Forcing fallback to magstripe mode
- Spoofing terminals to bypass security
And all of this opens the door to chargebacks that many merchants wrongly assume EMV protects them from.
Why EMV Fraud Still Works in 2025
1. Fallback Transactions
Fallback occurs when a chip card is inserted, but the terminal fails to read the chip and falls back to magnetic stripe mode. This creates an opportunity for fraudsters. If they’re using a counterfeit card with a fake chip, forcing a fallback lets the transaction go through using cloned magstripe data.
Merchants who don’t disable fallback on their terminals are vulnerable. And worse, fallback transactions often shift liability back to the merchant even when the customer has a chip card.
2. Terminal Spoofing
Some fraud rings use hardware that mimics the behavior of a proper EMV terminal. This spoofed setup tricks the card into thinking it’s dealing with a legitimate device. But the terminal is really capturing chip data and PIN codes for use in fraudulent transactions.
In-person attacks like this are harder to pull off, but when they succeed, they’re devastating. The stolen data can then be used in other countries or at fallback-accepting terminals.
3. Stolen Chip Data and Counterfeit Cards
It’s much harder to clone an EMV chip, but not impossible. Sophisticated attackers exploit vulnerable points in the transaction chain. This can include weak point-to-point encryption, unpatched POS systems, or insiders who siphon card data.
The cloned cards don’t always replicate the chip. Instead, they rely on fallback abuse or are used in places that don’t fully support chip verification.
4. Cross-Border Weaknesses
Inconsistent global rollout of EMV standards means that cards stolen in one country can still be used in another where enforcement is laxer. Fraudsters often test stolen cards in low-security regions or ATMs with outdated firmware.
Even if your business is EMV-compliant, fraud from these environments can come back to you in the form of international chargebacks.
Merchant Setup Red Flags to Watch For
Merchants often unknowingly leave themselves open to EMV fraud. Here’s what to check:
- Fallback is enabled: If your terminal allows magstripe fallback, turn it off unless you have a strong business case.
- Contactless-only support: Some newer setups skip the chip and only offer tap. If the system can’t handle full EMV chip auth, liability shifts to the merchant.
- Unattended or outdated terminals: Vending machines, kiosks, or fuel pumps may run old software or lack encryption, making them easy targets.
- No PIN capture for debit: Many EMV-capable devices skip PIN capture and fall back to signature. PIN is more secure, so use it if your processor supports it.
- Manual keying allowed: If employees can key in card numbers, fraud risk increases, and EMV protection doesn’t apply.
How EMV Fraud Leads to Chargebacks
One of the most misunderstood issues with EMV fraud is how it connects to chargebacks. Many merchants believe that if they use a chip reader, they’re protected from liability. That’s only true if:
- The chip was used correctly
- The terminal and software were certified and updated
- No fallback or bypass occurred
If anything breaks in that chain, the merchant gets hit with the chargeback, especially for reason codes like:
- 10.1 (Visa: EMV Liability Shift)
- 4870 (Mastercard: Chip Liability Shift)
- F31 (American Express: Lost/Stolen Card)
And unlike other disputes, these are hard to fight. The issuer often sides with the cardholder unless the merchant’s EMV setup was flawless.
Conclusion
EMV fraud isn’t going away anytime soon. It’s just evolving. Fraudsters are getting more technical, and liability is still shifting back to merchants when EMV standards aren’t followed exactly.
To avoid getting blindsided, merchants need to take a close look at how their terminals handle chip cards. Turning off fallback, updating software, and staying alert to spoofing tactics can make all the difference.
FAQ: EMV Fraud
What is fallback in EMV transactions?
Fallback happens when a chip card fails to read and the terminal switches to magnetic stripe mode. This opens a security gap and often shifts liability for fraud back to the merchant.
Does EMV stop chargebacks?
Not completely. EMV helps reduce fraud-related chargebacks, but only if the transaction was processed correctly through the chip. If there's a fallback, spoofing, or setup issue, the merchant is still liable.
Can chip cards be cloned?
It’s extremely difficult, but not impossible. Criminals can exploit weaknesses in the transaction chain or use spoofed terminals to capture chip data. This data can then be used for fallback or international fraud.
Should merchants disable fallback?
Yes, in most cases. Disabling fallback prevents fraudsters from forcing magstripe transactions. If fallback must be allowed for business reasons, merchants should monitor transactions closely and limit their risk.
What’s the best way to prevent EMV fraud chargebacks?
Use terminals certified for EMV, keep software updated, turn off fallback if possible, and require PIN for debit transactions. Also, make sure your processor supports full EMV security features.
Want Fewer EMV Chargebacks? Fix the Weak Links Before They Cost You
Chargeblast helps merchants spot fraud slipping through, especially when chargebacks are tied to EMV missteps. If fallback transactions, outdated terminals, or chip-related disputes are hurting their win rate, our platform flags the patterns and gives them the data to fix them fast. Stop letting EMV give you false peace of mind.
