Has the credit card fiasco recently made famous by Target, Nieman Marcus, Michaels and several hotel chains made you nervous about using the credit card in your wallet? It has certainly heightened my concern!
Probably the only good thing to come from the problem is that a credit card security improvement may come to the United States faster than originally expected. The technology is called EMV (EuroPay, MasterCard and
Visa). EMV is designed to improve the security of the credit card transaction. EVM
was designed in 1994 and implemented in Europe 2002. Currently more than 80 countries around the world use this technology to process credit cards securely. CNN announced
Tuesday, February 4, that Target's CFO announced that Target is investing $100 million to migrate to the chip technology. Target expects to implement the technology early in 2015 which is months before the mandated implementation (October 2015). Read the article at:
http://money.cnn.com/2014/02/04/technology/security/target-senate/index.html?iid=SF_T_River.
EVM is generally known as “chip and
PIN” or “chip and signature” by most people. This technology is credited
for reducing
payment card fraud losses to a 10-year low in the United Kingdom in 2011
according to a First Data Corporation white paper. Read the paper by browsing to: http://www.firstdata.com/downloads/thought-leadership/EMV-Encrypt-Tokenization-WP.PDF
Chip and PIN cards include an embedded microprocessor (or chip) inside
the
card. The consumer enters a PIN to authorize a purchase. In contrast, chip
and
signature cards uses the chip along with the
consumer’s
signature to authorize a purchase. An example of a credit card with the EVM chip is shown below:
 |
| Image credit: creditcards.com |
Are you wondering how the chip and PIN technology works behind the scenes? According
to a White Paper written by First Data, “A chip-based payment
transaction occurs when a microprocessor (smart chip) embedded in a plastic card
or a personal device such as a key fob or mobile phone connects to an
EMV-enabled POS terminal. …The smart chip in the payment instrument securely
stores information about the cardholder’s account and the issuer’s payment
application, and it performs cryptographic processing for validating the
integrity of the card number and certain static and dynamic data used in the
transaction. This provides a strong form of card authentication, validating the
legitimacy of the payment type being used”.
In essence, the chip cards encrypt data for each transaction which makes it almost impossible to use fraudulently.
Seems simple, doesn't it. You may be wondering why it the technology has not been implemented yet. First, it is expensive to implement. All retailers will need to purchase new card readers. According to an eWeek report, each new reader will cost a business between several hundred dollars to as much as two thousand dollars. That can add up quickly for a large organization. The eWeek article is available at: http://www.eweek.com/security/implementing-emv-chip-and-pin-cards-can-be-costly-but-not-difficult-2.html. Second, this will cost merchants a lot to implement this technology. Current credit card processes do not encrypt transactions. The US will benefit from the processes in place in other countries. There will be costs however. Finally, consumers will need to learn how to use the new cards. Merchants are concerned about the learning curve. Consumers in the United States average four to five cards. If a consumer enters the wrong PIN, the transaction will be rejected. It might be reasonable to conclude that some people will write their PIN on their card to keep from forgetting the information.
No comments:
Post a Comment