Why Do We Still Use Credit Cards With Outdated Technology?

Many of us wiped our brows with relief when we realized we weren’t among the approximately 40 million American consumers whose credit and debit card data was recently compromised in a Target data breach.

But U.S.credit cards rely on antiquated technology that makes future occurrences a near certainty, NPR says.

That’s because the technology we use to swipe for our purchases — magnetic stripes on the backs of cards — isn’t hard for a skilled fraudster to hack.

It’s totally unprotected and it’s static, so it’s the same data that’s read every single time. It’s just about the worst security that you can put into a payment system, says Avivah Litan, a security analyst for Gartner, a firm retailers hire to assess their cybersecurity gaps.

Many question why U.S. card companies still use outdated technology and haven’t switched to the more secure chip and PIN system that’s common in the rest of the world. For one reason, upgrading would cost a lot.

But at least one security expert, Ross Anderson, a 30-year veteran of payment technology and a professor of security engineering at the University of Cambridge, says that is the wrong question to ask, reports NPR. Anderson said, “Simply blocking off one of the avenues of attacks by fraudsters isn’t enough to make fraud vanish.” They’re going to find some other way to game the system.

And, he notes, U.S. consumers do have great protection: If a fraudulent charge is made, the consumer is technically on the hook for no more than $50, although in practice it’s actually zero.

Still, these recent data breaches at Target and Neiman Marcus and other unidentified stores should make us more alert to the possibilities of fraud and identity theft.

Reuters reports that it obtained a confidential, three-page report by the FBI to retailers that details “the risks posed by ‘memory-parsing’ malware that infects point-of-sale (POS) systems, which include cash registers and credit-card swiping machines found in store checkout aisles.” The FBI report says:

We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms’ actions to mitigate it. The accessibility of the malware on underground forums, the affordability of the software and the huge potential profits to be made from retail POS systems in the United States make this type of financially motivated cyber crime attractive to a wide range of actors.

So have fun shopping, but consider paying cash.

Sign up for our free newsletter

Like this article? Sign up for our newsletter and we'll send you a regular digest of our newest stories, full of money saving tips and advice, free! We'll also email you a PDF of Stacy Johnson's '205 Ways to Save Money' as soon as you've subscribed. It's full of great tips that'll help you save a ton of extra cash. It doesn't cost a dime, so why wait? Click here to sign up now.

In debt? Find the solution that's best for you.

DebtFlex is FREE and confidential.

Click here to find out more.

If you're in debt, you might need help. But it can be overwhelming trying to find someone reputable who wont take advantage of you.

We've found a site that weeds out the nasty from the nice, and will help you pick a qualified and trustworthy partner to guide you on a path out of debt.

Comments & discussion

We welcome your opinions, but let’s keep it civil. Like many businesses, we reserve the right to refuse service to anyone. In our case, that means those who communicate by name-calling, racism, using words designed to hurt others or generally acting like an uninformed bully. Also, comments that include links to email addresses or commercial websites typically aren't posted. This isn't a place to advertise your business.

  • Old Highland Guy

    The chip on this card is a radio frequency identification (RFID) chip and it is NOT secure while you are carrying it around in your wallet or purse. It emits radio waves that are easley detected and picked up with a small receiver. That receiver then pushes the information on to a small laptop. All of this equipment will be in a small briefcase of bag. Now that your card has transmitted the signal to the thief, all the thief has to do is use a card scanner to embed this information onto a bogus card and charge $200 or $300 on your account. I know that with this card you must use a PIN to complete the charge and I don’t know how the thieves are getting around that but they are. So, beware of RFID cards. Perhaps they are now secure but then again maybe not.
    I am no expert on this technology and could be totally off base but, I am afraid of those cards until I see proof they are 100% secure.

    • shumidog

      All you need is a tyvek sleeve or a blocking wallet. Not a big deal. My drivers licence has an RFID chip, and all the new passports do, too.

  • shumidog

    So will you answer the question, “Why are we using outdated technology?” Could it be because the Banks put profits over upgrades?

    • Michael Smiley Gawthrop

      I think you hit the nail on the head…. when it becomes cheaper to do the upgrades than to pay to handle the fraud, the upgrades will be done practically overnight.

    • Jason

      It is not the banks it is the retailers resisting change. Banks would love to upgrade the security in cards because they are the ones that pay for credit card fraud and it would cost them very little to update the technology in cards. On the other hand retailers would have to spend hundreds of dollars per point-of-sale system to upgrade and right now credit card fraud costs the retailer nothing.

      • shumidog

        My understanding is that the banks are now either passing the cost of credit card fraud to the retailers or pushing Congress to allow them to do this. So it will benefit the retailers to upgrade their systems. It is costing Target real $$$ to deal with the fraud. BTW who are the two other firms besides Nieman Marcus who were breached? I have yet to see names in any of the articles I’ve read.

        • Jason

          Retailer have until 2015 to install point-of-sale systems that use chip technology. After 2015 the retailer is responsible for any fraud that happens in their store if they don’t upgrade their equipment.