Previously, the card issuers held liability for card-present counterfeit fraud on credit and debit cards. However, in order to avoid liability costs and encourage EMV compliance, the card brands provided new guidelines. Effective October 1, 2015, the EMV Fraud Liability for fraud losses shifted to whichever party has implemented the least secure technology. This financial responsibility could be placed on merchants, merchant acquirers, or issuing banks and financial institutions if they are not EMV-enabled. However, if all parties are EMV-enabled, the liability typically stays with the card issuer.
Consider the example of a financial institution that issues a chip-and-signature card used at a merchant that has not changed its system to accept chip technology. This allows a counterfeit card to be successfully used. The cost of the fraud will fall back on the merchant.