What’s so different about EMV Chip Cards?
Friday, September 2, 2016
Card fraud has jumped in recent years, and issuers, including Signal Financial, have begun migrating to EMV chip cards to help improve security for their customers. But what are chip cards?
Surprise! EMV chip cards are not new technology
EMV stands for Europay, MasterCard, and Visa. It’s become the worldwide standard for card security, widely adopted in almost every major market except the U.S. for decades. One reason fraud has increased in this country in recent years is that card counterfeiters have found more opportunities in the U.S. as other countries have adopted EMV.
The U.S. has been slow to adopt EMV because it will cost as much as $8–12 billion after all is said and done, but when compared to losses from fraud—$5.3 billion in 2013 alone—EMV is worth the price (squareup.com/townsquare/emv). Adoption of EMV has quickened since MasterCard and Visa set a deadline for issuers: as of March 2016, about 80 percent of U.S. credit cards were EMV cards. A majority of debit cards are expected to have EMV chips by the end of the year as well.
Yes, EMV chips really do prevent fraud
In the U.K. and Canada, counterfeit card fraud rates have steeply declined since adoption of EMV cards: “The UK has seen a nearly 70 percent decline in counterfeit card transactions since adopting chip cards, according to Barclays.” (squareup.com) Both MasterCard and Visa have reported this year that fraud rates for EMV-equipped merchants have dropped significantly. “The year-over-year fraud rate decline may actually be more substantial for larger merchants, according to MasterCard, as its research puts that figure at 60 percent for its top five EMV-equipped merchants.” (Sienna Kossman, creditcards.com)
Using EMV cards will not prevent all types of fraud, but it will cut down significantly on fraud resulting from data breaches and skimming devices. Cardholders must remain vigilant with their personal information and take steps to protect their computers from phishing or malware attacks, because even EMV cards do not protect against these types of fraud.
More secure than the magstripe card
Traditional magstripe cards encode your personal information permanently into a magnetic stripe. Anyone who can access the data in the stripe can access your information and use it to make a counterfeit card. In contrast, EMV cards contain a small computer chip that generates a one-time-use code for each transaction. This code can’t be used again, so even if a hacker gets your chip information from a data breach or a skimmer, they can’t make a usable counterfeit card.
Using EMV chip cards is easy
To use an EMV card, “dip” it into a slot at the front of the reader and leave it there until the transaction is finished and the reader gives you a message indicating it’s okay to remove your card. The reader must verify that the card is legitimate, and this takes a bit more time than simply swiping the card. In the future contactless payments may become more widely adopted, but currently most EMV cards must be placed physically into the reader.
Most EMV cards have a magentic stripe as well, so they can be used at merchants that are not EMV-enabled. If an EMV reader is available, use your card that way, as the chip cannot protect your data if you swipe your card.
Change in liability for merchants
Whereas the cost of fraud from counterfeit magstripe cards currently falls on the card issuer or payment processor, the cost of fraud now falls on whoever in the transaction is the least EMV-compliant. For example, if a counterfeit card is used at a merchant that has not upgraded to EMV readers, the cost of the fraud will be the merchant’s responsibility. This change in liability was designed to encourage rapid adoption of EMV technology among merchants. MasterCard requires ATMs to be EMV-compliant by October 2016, and Visa’s deadline is October 2017. Fuel pumps will be required to be compliant in 2017.
By Tracy Anadale
Sources and further reading: