Why do I have a chip in my Debit Card?
This is one of the most talked about subjects in the payment world of late. Nobody seems to understand why there is now a chip in their card. We have all stood there at the checkout counter attempting to pay by sliding our card, only to be told (usually in a somewhat irritated tone) to insert the card because it has a chip. Some stores want you to use the chip, other don’t – all seems a bit confusing. Added to this confusion on how to pay, is why. Why do we need chips in our cards? The old way seemed to work just find. Well, read on and all your chip related questions will be answered. The simple answer – its all about security, convenience, and worldwide acceptability.
If you haven’t been issued a chip card yet don’t worry, you will. Those little shiny squares are called EMV chips and they’re already on 120 million cards in the United States. The deadline for most retailers and card issuers to become compliant, as established by MasterCard, Visa, Discover and American Express, was Oct. 1 2015, so you should have them by now.
These companies have a lot of incentive to do a better job securing your card transactions: money. In 2013 alone, criminals stole $2 billion in the United States by duplicating the information on the standard magnetic strip found on the back of every card. That was a 100% increase from the year before, according to research firm Aite Group.
Plus, some of the worst credit card crimes in recent years exploited the payment machines where you swipe your card. You remember when Target was hacked in 2013? Criminals hacked the in-store credit card readers to steal information from up to 70 million people. Last year, The Home Depot reported that criminals used that same method over a five-month stretch to compromise credit card information from 56 million people.
EMV chips are intended to make it a lot tougher for criminals to steal your information, and to exploit retailers’ payment systems. Here’s how it works, and why it still isn’t as safe as you might hope.
The EMV chip in your card protects you from criminals in a number of ways. If you’ve tried swiping a credit or debit card with an EMV chip in it, you know that it doesn’t work with standard credit card readers, which read the magnetic stripe. The chip is different from the stripe, and that includes the way your information is stored on them.
With a magnetic stripe, all your information is coded on it. If a counterfeiter steals it and copies it, he can use your information over and over. However, the EMV chip doesn’t store your information. Instead, the computer chip creates a unique transaction ID each time you use it. It uses encryption to securely hide your personal information, so even if hackers get the ID, it’s worthless to them.
Second, in most of the world, credit card issuers require that people also input a PIN. That’s commonly referred to as the chip-and-PINmethod. It’s a great way for you to keep your cards, and information safe. When you use chip-and-PIN, the EMV chip creates a unique ID for that transaction. On top of that, you have to unlock your card with your PIN. Even if a criminal did get his hands on your card, he most likely would have a really tough time getting past your PIN.
Third, some EMV cards use something called a near field communication (NFC) to make financial transactions. You wave your card past an NFC reader, or insert it into one and your money is transferred using radio wave technology from your card to the retailer. In order for criminals to steal your information, they’d literally have to be within a few inches of you, and have an NFC reader with them. That’s doable, but not something everyday criminals will take on.
While credit cards and debit cards with EMV chips will do a better job of protecting your information from theft, EMV for the moment is an imperfect system. Or, more precisely, it’s an imperfectly executed system. Here’s why:
1. While the Oct. 1 deadline for retailers and credit card issuers to transition over to EMV cards has already come and gone, most still aren’t compliant. These cards will become more commonplace over the next two years, but that’s a long time to leave customers exposed. In fact, automated gasoline pumps, one of the easiest places for thieves to swipe card data, don’t have to be compliant until 2017.
2. The chip-and-PIN method, where the EMV chip creates unique transaction codes and you also input a PIN to unlock your card, isn’t really going to be used in the United States. At least not as widely as it is elsewhere in the world. Here, you will most likely use your EMV cards by inserting them into a reader or waving them over one, and then providing a signature instead of a PIN. That means the EMV cards will be safer than current cards with magnetic stripes, but not as safe as they can be.
3. If you travel overseas, where the chip-and-PIN method is used, you may run into some problems if you don’t have a PIN. Plus, in the U.S., there will be a transition period where cards have both a magnetic stripe (which will eventually go away) and the EMV chip. You may find EMV readers in some countries may not read a card with both a stripe and a chip.
4. Criminals are clever, but you already knew that. If they steal your EMV-equipped card and use it to make an online purchase or place an order over the phone, they don’t need to scan your EMV chip. It’s called a card not present, or CNP transaction. It’s a growing problem in countries that use the chip-and-PIN method.
Despite this, moving forward with EMV cards is a definite plus. It’s about time cardholders and retailers took security seriously.
To discuss options to add a chip-and-PIN reader to your business, feel free to contact us or
call our sales team at 877-743-1551.