There has to be a better way…
There has been a large amount of discussion surrounding the security of using cards to pay at the register in recent months. The interest in the security of these payments was recently ignited in November 2013 when Target and Neiman Marcus both suffered breaches that captured the sensitive data stored in the magnetic strip on the back of cards. When a criminal steals this data, they can actually make a physical replica of the card and use it as a normal debit or credit card. Many cardholders throughout the country have been wondering what can be done to make card payments more secure. Fortunately, we’re very close to a solution here in the U.S.
It’s all in the chips, it’s all in the chips.
Card security effects almost all of us – any time we use a debit or credit card, we interact with the payments system. It should therefore be comforting to each of us that Visa, MasterCard and other major card brands are already working to help usher in a new method of card security. You may have heard of this new method referred to as EMV (Europay MasterCard Visa) also known as “Chip and Pin”.
This “Chip and PIN” method of accepting cards works by having you insert the card into the terminal rather than swipe it. The chip then creates a dynamic authentication with the hardware that ensures it is the real card and not a fake, and is ultimately much more secure than the Magstripe technology from decades ago.
The EMV standard unifies the way cards are used around the globe. In fact, if you travel, you may have already received a card with a chip in it or experienced a shop in a foreign country that only accepts chip cards. Currently, the US is one of the last countries in the world to adopt this more secure payment method, despite the visibly urgent need to do so. This leaves many people asking “Why?” The short answer to this question is that implementing a new standard in any industry is tough, and this gets even further complicated when the standard ultimately means that companies will have to invest large amounts of money in new equipment.
What does it mean?
Providing a secure technology that comes in the form of an entirely new type of debit and credit card inherently requires new hardware to do so. Here in lies most of the resistance. As banks continue to filter these cards out into the market, we will see both the merchant and consumer demand to use the more secure technology grow.
Fortunately, Visa and Mastercard are putting forth various efforts on their part to help get people on board more rapidly and raise the overall security of cardholders throughout the United States. Even the PCI Data Security Standards Council, who are responsible for setting the requirements that all merchant account holders must meet, is also making concessions.
In our next blog on EMV, we will look in depth at the incentives being offered by the card brands and PCI Council, the timelines for these incentives, and a planned liability shift for transactions in 2015.
If you have any questions about EMV, security, or PCI that you would like to see covered, let us know! You can email us at compliance@cashlinq.com to share your thoughts or questions which we may then address here on our blog!
Photo Credit: http://www.visasecuritysense.com/en_US/for-retailers.jsp