Photo (cc) by zodman
This post comes from Adam Levin at partner site Credit.com.
A recent Gallup survey found that 69 percent of Americans worry “frequently” or “occasionally” about a credit card being compromised by computer hackers. It’s not shocking. Consumers are becoming more educated on the topic, and financial institutions are beginning to do more to combat fraud, including introducing new types of credit cards.
One example of the latter is chip-and-PIN technology, which everyone from consumers to the president has hailed for its ability to help prevent fraud. But is it the panacea that it’s been made out to be?
Let’s take a closer look at exactly what this technology entails. Unlike cards that use a magnetic stripe containing a user’s account information, chip cards implement an embedded microprocessor that contains the cardholder’s information in a way that renders it invisible even if hackers grab payment data while it is in transit between merchants and banks.
The technology also generates unique information that is difficult, but not impossible, to fake. There is a cryptogram that allows banks to see if the data flow has been modified and a counter that registers each sequential time the card is used (sort of like the numbers on a check), so that a would-be fraudster would have to guess the exact historical and dynamic transaction number for the charge to be approved.
Already used in every other G20 country as a more secure payment method, chip-and-PIN cards can be found on the consumer side of a global payment system known as EMV (short for Europay, MasterCard and Visa). The system will be rolled out in the U.S. in 2015, and many of us in the banking and data-security industries believe that it will stanch the flow of money lost to hackers while simultaneously cutting down on credit and debit card fraud.
MasterCard, Visa and American Express have begun sending out chip cards to their American cardholders. While the technology is expensive — the rollout of chip cards in the U.S. will cost an estimated $8 billion — it’s crucial to point out that this cost may balloon exponentially if the implementation of the new technology is done incorrectly, as a recent spate of fraudulent charges using chip-and-PIN-based technology shows.
This recent trend is one early sign that chip-and-PIN may not be the cure-all many consumers were hoping for, at least during the rollout phase. According to Brian Krebs, in a recent week “at least three U.S. financial institutions reported receiving tens of thousands of dollars in fraudulent credit and debit card transactions coming from Brazil and hitting card accounts stolen in recent retail heists, principally cards compromised as part of the breach at Home Depot.”