US Retail, EMV, NFC, and Mobile: Opportunity or Disaster?
Last week I attended the CARTES North America conference. It is an event focused more directly on credit card issuers and the technologies that support them. So what was I doing there? Well, increasingly it seems that the future these industry players are building will have a direct impact on how retailers engage with customers, and not just around a payment transaction.
Yes, it’s true that retailers have started taking a greater interest in the future of payments — the MCX group and ISIS are both examples of associations that are trying to bring retailers into the mix. But even with those two groups’ activities, I find retailers woefully under-engaged in understanding how the evolution of payment technologies may directly change their lives — and their consumer-focused investment plans. I’ve heard from some retailers who dismiss MCX because of Walmart, dismiss ISIS because of the payment networks (at whom they still seethe over PCI), and dismiss PayPal because of eBay. That’s a lot of dismissing and not a lot of engaging. I find it supremely ironic that these retailers seem content to let those very same networks they despise, alongside the major banks/card issuers, define how it is retailers should interact with shoppers.
Because that is exactly what they’re doing.
The United States is in a particularly unique place when it comes to the future of payments. EMV — otherwise known as chip & pin for the chip on the card and the PIN the cardholder enters at a transaction (from the end-user perspective, much like a debit transaction) — has been implemented practically around the world, except for in the US. If you’ve traveled abroad at all, as an American you can rapidly feel like some backwater country when you offer your low-tech mag-stripe-only card for payment. They have to fetch the special terminal for swipe and signature, and you feel the pressure of the line behind you as the store associate searches for the archaic pen to sign the archaic receipt.
And, in fact, mag-stripe related fraud has gotten so bad that there are some issuers — and some merchants — in Europe who no longer take swipe cards, and soon enough the majority of cards issued in Europe will come without a mag stripe at all.
The US has been behind the times in part because we were ahead of them with PCI. After retailers were forced to upgrade their payment terminals and submit to security audits that often required additional significant investments, the last thing they wanted to hear was “Okay! Let’s do it all again!” But after receiving their bye on EMV, the time has come to invest. Retailers essentially have until October 1, 2015 to install chip & pin terminals, or face a “liability shift” — where they will be held liable for any fraud that results because they haven’t implemented chip & pin.
This situation puts US retailers at something of an advantage. The rollout of EMV in Europe wasn’t without its snags. And there has been another major rollout recently, closer to home in Canada, that has also provided some valuable lessons that promise to reduce the cost, the time, and the risk involved in implementing EMV. There are worse places to be.
But it’s also a very disrupted time in payments, particularly around mobile payments. There are a lot of experiments out there, some of which have expanded into pilots, and in the developing world, some activities promise to leapfrog traditional banking completely. Mobile is almost the only way to do business in some areas of the world.
US retailers aren’t stupid. They’re looking at everything that’s happening in this space and wondering if there isn’t an opportunity to leapfrog. European retailers in particular now find that the shoe is on the other foot. Having just gone through a long and painful EMV rollout not that long ago, they’re very unexcited about “doing it all again” to incorporate NFC and/or mobile. Retailers like Tesco have even taken public stances in direct opposition to NFC, and I’ve heard some retailers say either that NFC is dead on arrival, or it will never be a real thing unless it’s on an iPhone (Tim, are you listening?).
Here’s the thing though. When you’re thinking about payments and NFC and mobile, I would love for you to keep this in mind. NFC and EMV have a lot of affinities. If you’re going to replicate the EMV experience on the phone, there must be some kind of (as the industry puts it) Secure Element. Some groups are looking at EMV on SIM, where the EMV functionality is embedded on the SIM card in a mobile phone. Some groups are looking to embed an NFC chip directly in the phone, regardless of SIM. Either way, the interaction between phone and reader would need to be NFC-based, and by definition, contactless. And an embedded NFC chip can still also serve the chip requirement of EMV, together with a PIN (and that’s about as far as I’ve gotten in understanding the bones of the technology, so bear with me).
Here’s where things get interesting. In both Europe and Canada, when you take away the opportunity for mag-stripe-related fraud, the fraudsters immediately turn to online fraud. It’s like squeezing a balloon. You squeeze down on one half, and the other half gets bigger. The reaction is almost immediate. So as part of EMV rollout, US retailers need to be aware that whatever they are doing to prevent online fraud, they’re going to need to double that effort once EMV is out. Fraud pursues the easiest target, and in 2015, online will become that target.
But what if there was a way to make an online transaction look exactly like a card-present transaction? What if there was a way, over the cellular network, for a card acquirer to contact the shopper’s mobile phone, prompt for a PIN, and validate against a Secure Element on the phone all in the course of an online transaction? Or to securely send a 6-digit PIN to the shopper to enter into an online field to confirm the transaction? Either way, we’re talking primarily about using some combination of mobile and NFC, transacted over EMV. Complicated or not, if the industry could solve the card-not-present problem of online transactions, there would be a real and immediate benefit to everyone from issuer to acquirer to retailer to consumer.
What about Starbucks and PayPal? you might ask. Starbucks utilizes a barcode generated on the phone, which bypasses the need for any kind of Secure Element. It also regularly comes under fire for not being nearly as secure as it should be. Or perhaps a better way to say it is, when $50 is at stake, and your gold card status at Starbucks, maybe that’s secure enough. Is it secure enough for direct access to your checking account?
PayPal is different — in store, it’s enter a phone number and a PIN. But isn’t that basically a card-not-present transaction? I confess I don’t know how EMV requirements will impact PayPal’s store strategy.
What I do know is that retailers should not dismiss NFC out of hand. In fact, given the avalanche of online fraud that is coming, they should be pushing the rest of the industry even harder to quit squabbling over the pieces of the pie, and worry about how to make a good pie that everyone wants to eat. One message that was delivered loud and clear at CARTES was this: no one is going to dominate mobile payments. No one is going to corner the market — it’s too important and there are too many players needed to make mobile payments a reality. Each group might be the big gorilla in their own respective space, but that does not make them the leader overall. Right alongside that message, another important one to remember: ultimately, it’s about what the consumer will adopt. Retailers can have a lot of influence over that — if they choose to engage.
US retailers do have a chance to leapfrog Europe and Canada with their EMV implementation. But a lot of things need to happen in the industry to make that a reality. If you want more info on how retailers are thinking about the future of payments, I encourage you to read our benchmark report on the topic.