Adoption of the EMV standard for card issuers and merchants has always been voluntary. October 1, 2015 marked the deadline for implementing what's known as Chip-and-PIN technology. If you missed this deadline, it could get expensive for the entity using the lesser technology.
What is commonly called the liability shift means liability for the estimated $10 billion losses seen in the US in 2015, will no longer be borne mainly by card issuers.
When counterfeit credit card fraud occurred at retailers in-store locations, liability was usually borne by card issuers. Back in October 2015, after the liability shift, who pays for fraud losses now depends on who has the lesser technology.
As examples of this shift, the:
The latter has always been the case (where the latest technology is applied by the merchant). In cases where technology application is even, fraud liability after the shift stays, as it always did, with the card issuer.
Different types of card payment loss liability are handled differently depending on the global payment network. The liability shift for:
Across the board, the general rule applies: the party utilizing the most secure technology for each fraud type prevails in any chargeback claim.
Becoming EMV-compliant for merchants is about more than just purchasing and installing the proper terminals. Certification requirements follow, those specific to the terminals, but also the payment application used must be certified for EMV. While that sounds daunting, all that merchants need to do is find a processor that is certified.
As part of the incentive for merchants to support EMV, card networks do provide a "safe harbor" for some assessments if the merchant meets certain criteria. Account data compromised from magnetic strips may not result in assessments against merchants in all cases (which used to be the case).