Home Data-Driven Thinking GDPR And Lessons From The Credit Card Chip Rollout

GDPR And Lessons From The Credit Card Chip Rollout

SHARE:

Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.

Today’s column is written by Ryan Eney, director, legal, at OpenX.

In 2016, the retail and finance ecosystem was shaken up with the US introduction of EMV, the global credit card chip technology retailers were required to use when consumers made in-store purchases.

In years leading up to 2016, highly visible credit card fraud schemes surged. Privacy and fraud were top of mind for everyone in the supply chain, from retailers and payment providers that facilitated the transactions to the consumers who ultimately suffered the most. The industry recognized that substantial changes and a standardized approach were needed for greater consumer protections, and EMV – named after Europay, MasterCard and Visa, which created the standard – was rolled out.

While it was a big step forward for consumer protection, it also had a large impact on retailers that were forced to revamp their payment infrastructure. New systems were rolled out across the country, and banks and credit card providers issued hundreds of millions of new cards, allowing the EMV chip to become the norm in less than 24 months.

Like the EMV requirement rollout, the upcoming General Data Protection Regulation (GDPR) makes progress toward protecting consumers’ privacy, and the businesses affected must complete significant upfront work to comply. Ahead of the fast-approaching May deadline, the successes and failures of the EMV rollout can serve as a useful example.

EMV was one of the largest changes to payments in decades, and the first step toward compliance was to understand its scope.

With EMV, retailers became responsible for any fraud that occurred with their credit card processors, a liability that was previously carried by credit card companies. Similarly, advertisers and publishers face serious financial implications if they fail to comply with GDPR – up to 20 million euros in fines, or 4% of revenue.

Overcommunicate

Ahead of GDPR, advertisers and publishers should overcommunicate. During the EMV rollout, consumers were justifiably confused and frustrated. The chip insertion process is much slower than the traditional credit card swipe, and consumers directed their frustration at retailers. But had they known that the chip is more secure than the swipe, they likely would have been more open to the change.

For GDPR, an analogous issue will arise when publishers ask for consumers’ consent to use their data. Under the new regulation, publishers must clearly ask consumers to give consent for the use of their data rather than relying on obscure terms and conditions. They should clearly remind customers that it’s designed to protect their privacy to circumvent any pushback and confusion as the regulation goes into effect.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Consumers may be confused or alarmed by the sudden ask from brands, perceiving that their information is less secure if publishers are communicating more thoroughly about their process.

Watch partnerships

With the EMV rollout, retailers needed payment processors that could accept EMV payments and ensure a seamless process that was consistent from retailer to retailer. If they didn’t pick the right partners, they risked missing the deadline and, even worse, taking the blame for the poor user experience.

With GDPR, liability is also shared among all partners. A publisher could be compliant, but if it works with a single partner that is not compliant, then the publisher isn’t compliant either.

Think beyond May 25

The EMV rollout forced retailers to overhaul credit card terminals. It was costly and time-consuming, but smart retailers viewed it as an opportunity rather than a challenge. Retailers update credit card processors infrequently, which made the EMV rollout an ideal time for retailers to consider new payment options, such as Apple Pay.

Similarly, advertisers should view GDPR as a catalyst for positive change. Quality is the No. 1 issue in digital media and advertising. Protecting consumer privacy is important, but that’s only one element of the quality discussion. We should use GDPR’s privacy discussions as a time to also address fraud and subpar advertising experiences.

While there was short-term pain for retailers and consumers during the EMV rollout, the regulation was a positive development for the industry. GDPR will likely do the same. As EMV showed us, change can be a good thing.

Follow OpenX (@OpenX) and AdExchanger (@adexchanger) on Twitter.

Must Read

Comic: What Else? (Google, Jedi Blue, Project Bernanke)

Project Cheat Sheet: A Rundown On All Of Google’s Secret Internal Projects, As Revealed By The DOJ

What do Hercule Poirot, Ben Bernanke, Star Wars and C.S. Lewis have in common? If you’re an ad tech nerd, you’ll know the answer immediately.

shopping cart

The Wonderful Brand Discusses Testing OOH And Online Snack Competition

Wonderful hadn’t done an out-of-home (OOH) marketing push in more than 15 years. That is, until a week ago, when it began a campaign across six major markets to promote its new no-shell pistachio packs.

Google filed a motion to exclude the testimony of any government witnesses who aren’t economists or antitrust experts during the upcoming ad tech antitrust trial starting on September 9.

Google Is Fighting To Keep Ad Tech Execs Off the Stand In Its Upcoming Antitrust Trial

Google doesn’t want AppNexus founder Brian O’Kelley – you know, the godfather of programmatic – to testify during its ad tech antitrust trial starting on September 9.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

How HUMAN Uncovered A Scam Serving 2.5 Billion Ads Per Day To Piracy Sites

Publishers trafficking in pirated movies, TV shows and games sold programmatic ads alongside this stolen content, while using domain cloaking to obscure the “cashout sites” where the ads actually ran.

In 2019, Google moved to a first-price auction and also ceded its last look advantage in AdX, in part because it had to. Most exchanges had already moved to first price.

Thanks To The DOJ, We Now Know What Google Really Thought About Header Bidding

Starting last week and into this week, hundreds of court-filed documents have been unsealed in the lead-up to the Google ad tech antitrust trial – and it’s a bonanza.

Will Alternative TV Currencies Ever Be More Than A Nielsen Add-On?

Ever since Nielsen was dinged for undercounting TV viewers during the pandemic, its competitors have been fighting to convince buyers and sellers alike to adopt them as alternatives. And yet, some industry insiders argue that alt currencies weren’t ever meant to supplant Nielsen.