
Credit card payment organizations will hold merchants, acquirers, issuers liable for fraud if the party is lagging behind in security even if it can't be shown directly that the fraud was their fault. This is called liability shift.

http://www.emv-connection.com/best-practices/what-is-the-fra...



The page you linked to says that gas pumps ("Automatic Fuel Dispensers") are exempted from liability shift until October of this year. But that's actually out of date information: the exemption for ATMs has been pushed to October 2017 (from the original date of October 2015), but gas pumps aren't required to go that route until October 2020:

https://usa.visa.com/visa-everywhere/security/emv-at-the-pum...

While I don't doubt they're already out there, I don't recall ever seeing a gas pump in the US with a chip reader.

Also, it's at least worth noting that technology for skimming chip-based transactions already exists in the wild:

https://krebsonsecurity.com/2017/01/atm-shimmers-target-chip...

The "shimmers" take advantage of poor implementations of the EMV standard, but the chances strike me as fairly high that there's going to be a lot of poor implementations of EMV out there in the wild. (Not only is the less secure "chip and signature" approach common in the US, I've made more than one purchase with what could be described as "chip and nothing": put my card in a chip reader and make a purchase without being asked for either a PIN or a signature.)


There was a presentation at either the latest Black Hat or Defcon (forget which, been watching presentations from both the past few weeks) with a live demo of a really nifty EMV fraud system. Rather than stealing card info, you'd install shimmers in a bunch of ATMs or other such places, then run a system where people could pay for access to the card at a certain location at a certain time. Walk up to the ATM and money comes out. The money comes from an account which (I believe) was being used at the time (or within a few minutes of it) on one of the far-away bugged machines.



