Perhaps we’re dating ourselves by using the ‘silver bullet’ description in referencing the new EMV credit cards. For those not much into 1960s horror films, the ‘silver bullet’ theory describes the only way to kill a werewolf.
In terms of the credit card payments industry, fraud is the werewolf, but the new EMV credit cards are not the silver bullet. Not yet at least. They are a step in right direction to fight credit card fraud and counterfeiting, but EMV credit cards are still loaded with flaws.
Falsely labeled the perfect solution to fighting credit card fraud, migration to EMV will take a few more years to have a significant impact on credit card fraud in the U.S. (Which is the last of the G20 nations to migrate to such).
Here are what we believe to be three flaws:
Reason 1: Consumers and Merchants Awareness of Liability
When a consumer approaches checkout, swiping is the first impulse. It is all American consumers have ever known. Additionally, when consumers hand over a credit card to a cashier say, to pay the bill at a restaurant, is the cashier swiping or inserting? And how do we know?
The EMV liability shift, which began Oct. 1, 2015, basically assigns blame to the party in a credit card transaction who is using the least secure role. Credit card transactions still have massive room for error.
Reason 2: With the Stripe, There is Risk
Back to swiping. As long as there is a magnetic stripe on the reverse of a credit card, consumers and merchants are at risk. The data contained in a magnetic stripe is easily accessible and prone to counterfeiting by hackers.
The conundrum lies in U.S. merchants universally being able to accommodate EMV credit card transactions, so that swiping is no longer necessary, and no longer needs to be an option.
Reason 3: We’re Not Using the PIN
When using an EMV credit card, there is a difference between transactions in the U.S. and, for example, the U.K.. When a U.K. consumer makes a purchase, he/she is prompted to enter a unique four-digit PIN to verify the card belongs to the consumer. It makes a credit card nearly unusable to a thief, if said thief doesn’t know the PIN.
U.S. consumers aren’t using PINs quite yet, so just about anyone can use a stolen credit card. The smarter, more informed merchants will request a photo ID at the point of sale.
The Good News
If nothing else, U.S. consumers are generally far more aware about credit card security than they were even a year ago. Migrating to more secure EMV credit cards – without the magnetic stripe – is going to take several years, but U.S. consumers and merchants are headed in the right direction.