Home Data-Driven Thinking GDPR And Lessons From The Credit Card Chip Rollout
OPINION: Data-Driven Thinking

GDPR And Lessons From The Credit Card Chip Rollout

By AdExchanger

SHARE:

Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.

Today’s column is written by Ryan Eney, director, legal, at OpenX.

In 2016, the retail and finance ecosystem was shaken up with the US introduction of EMV, the global credit card chip technology retailers were required to use when consumers made in-store purchases.

In years leading up to 2016, highly visible credit card fraud schemes surged. Privacy and fraud were top of mind for everyone in the supply chain, from retailers and payment providers that facilitated the transactions to the consumers who ultimately suffered the most. The industry recognized that substantial changes and a standardized approach were needed for greater consumer protections, and EMV – named after Europay, MasterCard and Visa, which created the standard – was rolled out.

While it was a big step forward for consumer protection, it also had a large impact on retailers that were forced to revamp their payment infrastructure. New systems were rolled out across the country, and banks and credit card providers issued hundreds of millions of new cards, allowing the EMV chip to become the norm in less than 24 months.

Like the EMV requirement rollout, the upcoming General Data Protection Regulation (GDPR) makes progress toward protecting consumers’ privacy, and the businesses affected must complete significant upfront work to comply. Ahead of the fast-approaching May deadline, the successes and failures of the EMV rollout can serve as a useful example.

EMV was one of the largest changes to payments in decades, and the first step toward compliance was to understand its scope.

With EMV, retailers became responsible for any fraud that occurred with their credit card processors, a liability that was previously carried by credit card companies. Similarly, advertisers and publishers face serious financial implications if they fail to comply with GDPR – up to 20 million euros in fines, or 4% of revenue.

Overcommunicate

Ahead of GDPR, advertisers and publishers should overcommunicate. During the EMV rollout, consumers were justifiably confused and frustrated. The chip insertion process is much slower than the traditional credit card swipe, and consumers directed their frustration at retailers. But had they known that the chip is more secure than the swipe, they likely would have been more open to the change.

For GDPR, an analogous issue will arise when publishers ask for consumers’ consent to use their data. Under the new regulation, publishers must clearly ask consumers to give consent for the use of their data rather than relying on obscure terms and conditions. They should clearly remind customers that it’s designed to protect their privacy to circumvent any pushback and confusion as the regulation goes into effect.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Daily Roundup

Daily News Roundup

The Fin Tech Ad Tech Boom; Temu Tops Meta’s Charts (But At What Cost?)

Consumers may be confused or alarmed by the sudden ask from brands, perceiving that their information is less secure if publishers are communicating more thoroughly about their process.

Watch partnerships

With the EMV rollout, retailers needed payment processors that could accept EMV payments and ensure a seamless process that was consistent from retailer to retailer. If they didn’t pick the right partners, they risked missing the deadline and, even worse, taking the blame for the poor user experience.

With GDPR, liability is also shared among all partners. A publisher could be compliant, but if it works with a single partner that is not compliant, then the publisher isn’t compliant either.

Think beyond May 25

The EMV rollout forced retailers to overhaul credit card terminals. It was costly and time-consuming, but smart retailers viewed it as an opportunity rather than a challenge. Retailers update credit card processors infrequently, which made the EMV rollout an ideal time for retailers to consider new payment options, such as Apple Pay.

Similarly, advertisers should view GDPR as a catalyst for positive change. Quality is the No. 1 issue in digital media and advertising. Protecting consumer privacy is important, but that’s only one element of the quality discussion. We should use GDPR’s privacy discussions as a time to also address fraud and subpar advertising experiences.

While there was short-term pain for retailers and consumers during the EMV rollout, the regulation was a positive development for the industry. GDPR will likely do the same. As EMV showed us, change can be a good thing.

Follow OpenX (@OpenX) and AdExchanger (@adexchanger) on Twitter.

Must Read

Pictograph of graph, mug of beer
Marketers

Inside AB InBev’s Strategy For Tapping Into First-Party Data

Pour one out for third-party data. These days, AB InBev’s digital marketing strategy is built squarely on first-party data.

Measurement

4A’s Measurement Committee Says New Currencies Aren’t Ready For Prime Time – Yet

The 4A’s measurement committee, a working group for marketers and media buyers to discuss their opinions and concerns about video ad measurement, has some thoughts on the status of alternative TV currencies.

AdExchanger Commerce

How Chinese Sellers Are Quietly Reshaping US Consumer Habits

American consumers are buying more and more online products directly from Chinese manufacturers. It’s an important change, though many online shoppers are unaware.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
AdExplainer

T-Commerce Vs. Shoppable TV

Television commerce, or T-commerce, is similar to shoppable TV: both refer to buying something you see on television. But shoppable TV is far more nascent – and also has different implications on attribution.

commerce

Why White Claw’s Parent Company Is Pouring Investment Into Headless Commerce

A booze brand and a “headless commerce” platform walk into a meeting with the CFO. That might sound like the setup for a punchline, but it’s just how mar tech works these days.

marketing measurement

As MMM Rides Again, Google Finds Its Place In The Conversation With Meridian

Tracking is a mess. Attribution is broken beyond repair. IP address identity data may go the way of the dodo. Which means marketing mix modeling is back, baby!

Popular

  1. One more year ...
    Chrome privacy sandbox

    Google Won’t Pull Cookies In 2024

    Google announces it’s delaying its self-imposed deadline to deprecate third-party cookies on Chrome for the third time.

  2. Comic: Not-So-Secret Sauce
    Publishers

    The NY Post Is Turning First-Party Data Into Direct Deals, With A Little Help From Its Friends

    To build a first-party data strategy, the NY Post contracted Permutive and Prohaska Consulting for advice on monetizing its audience data and growing its addressable audience. The collaboration prompted Permutive and Prohaska to expand their combined services to all publishers.

  3. Pictograph of graph, mug of beer
    Marketers

    Inside AB InBev’s Strategy For Tapping Into First-Party Data

    Pour one out for third-party data. These days, AB InBev’s digital marketing strategy is built squarely on first-party data.

  4. CTV

    Netflix Announces New Ad Measurement Options Ahead Of The Upfronts

    Netflix grew its overall revenue by 15% year over year, largely driven by account growth, thanks to anti-password sharing tactics. It also unveiled new ad measurement options for advertisers.

  5. Measurement

    4A’s Measurement Committee Says New Currencies Aren’t Ready For Prime Time – Yet

    The 4A’s measurement committee, a working group for marketers and media buyers to discuss their opinions and concerns about video ad measurement, has some thoughts on the status of alternative TV currencies.