< Back to Blogs

EMV and the Fallback Mechanism

blog-image

Fallback transaction is the term that came into the picture along with EMV - the workaround to make a successful transaction in case the chip or the terminal chip reader does not work. However, an EMV fallback transaction is considered a significant security threat in the era of trillion transactions. Fallback should not be relied upon, as it reverts us to the less secure magnetic stripe system, undoing much of what chip migration was designed to achieve.

There was no fallback option during the magnetic stripe era, as there was no alternative technology to rely on, except perhaps manually entering the card details. After EMV, magnetic stripe fallback was introduced as an option to keep transactions moving during the ecosystem's migration to EMV. Unfortunately, despite the progress in EMV, fallback is still being used as a workaround to reduce transaction declines. The assumption was always that fallback would be a temporary measure. In practice, it has persisted far longer than intended, and the EMV fallback risk it carries has grown alongside it.

How is fallback used now - during the EMV era?

Generally, either the chip on the card or the reader in the terminal may not work properly. In that case, when the card is inserted into the terminal, the terminal detects that the chip is not being read. The terminal then prompts the cardholder to swipe the card, and the transaction is processed as a magstripe transaction, without chip data and with a fallback indicator. The issuer then approves or declines the transaction based on magstripe data field details.

Another possibility for a transaction to enter fallback mode is when the specific AID (Application Identifier) is not loaded on the terminal. The terminal will be unable to identify the chip due to the absence of the AID and will prompt the user to swipe the card to process the transaction as a chip fallback payment. Both scenarios result in a transaction that bypasses the security controls that EMV was built to provide.

What makes chip fallback payments a persistent problem is that it is difficult to distinguish them from legitimate fallbacks at the point of sale. The terminal processes them the same way. The issuer receives the same data. Without additional monitoring at the acquiring or issuing side, fraudulent fallbacks can pass through undetected.

Damaged Chip - Are they an issue?

The main pillar of the EMV standard is security, which prevents card counterfeiting. So, if a chip is damaged, that security is compromised entirely. EMV provides three levels of security: card authentication, cardholder authentication, and issuer authentication. Once the chip is damaged, card authentication and issuer authentication cannot be performed. Cardholder authentication is only available for PIN-based transactions. A card with a damaged chip is effectively the same as holding a magnetic stripe card, without the fraud protection that the chip was supposed to provide.

Merchants should ideally reject transactions on damaged chips even in fallback mode. Accepting it continues the sale but transfers the EMV fallback risk directly onto them.

Fraudulent Fallback

As a fallback, a workaround can also be done intentionally. Even if a chip is fully functional, a fallback can be triggered by inserting the card in the opposite direction. The terminal detects this as a chip failure and prompts the cardholder to swipe, processing the transaction as a magstripe fallback.

It is done intentionally by merchants or fraudsters who want to bypass chip-based authentication, thereby enabling counterfeiting. Once the magstripe data is captured through a fraudulent fallback transaction, a counterfeit card can be created with a dead chip or no chip at all, and that card is then used to debit the customer's account. The original card never needed to be stolen physically. The magnetic stripe fallback mechanism handed over the data.

It is one of the more direct ways that EMV fallback risk translates into actual fraud losses. The EMV standard was designed to make card counterfeiting at the point of sale extremely difficult. Fraudulent fallback effectively sidesteps the entire protection by reverting the transaction to the format on which counterfeiting depends.

Good Practices

It is a list of good practices that can be followed to reduce fallback and work toward removing it entirely:

  1. After proper terminal integration certification, the bank or payment brand should ensure proper field rollout of each terminal or terminal application.
  2. Periodic follow-up for the expiry of EMV L1 and L2 certification and re-certifying terminals with expired certificates.
  3. Periodic follow-up for the expiry of terminal L3 certification for each terminal deployed in the field and re-certifying terminals with expired certificates.
  4. Regular monitoring or analysis of EMV fallback transaction counts from a particular terminal with the highest number of cards, and replacing such terminals on priority.
  5. Regular monitoring or analysis of fallback transaction counts from a particular card, and replacing the card as soon as possible. Issuers should have a dedicated monitoring system for fallback transactions.
  6. Periodic exhaustive training should be provided to terminal vendors and manufacturers, issuers, MSPs, merchants, and cardholders.

Beyond these steps, acquirers and processors can add a further layer of control by setting fallback transaction limits at the terminal level. A terminal that consistently generates fallback transactions above a defined threshold should trigger a review rather than continue processing without scrutiny. Some payment brands have already moved in this direction by imposing caps on the volume of magnetic stripe fallback transactions a merchant can process before penalties apply.

The goal is not to make fallback impossible in every scenario. Chips do fail. Readers do malfunction. The goal is to make sure that fallback is the exception it was always meant to be, monitored carefully and acted on quickly when the data signals something is off.

Increasing Chargebacks

EMV standards were introduced to reduce the number of chargebacks raised for fraudulent transactions. But due to the extensive increase in fallback transaction counts, that objective is not being fully met. Every chip fallback payment that goes unmonitored is a potential chargeback waiting to happen. In markets where liability has shifted to the merchant, those chargebacks land squarely on the acquiring side of the transaction.

With the remedies mentioned above to reduce fallback transactions, the number of chargebacks can be reduced considerably. The technology to protect these transactions exists. The gap is in how consistently the industry applies the monitoring and controls needed to keep fallback where it belongs, as a last resort, not a routine workaround.