October 8, 2015
By October 2015, the majority of credit and debit cards in the United States will be equipped with EMV-chip technology. EMV has already been implemented around the world to make payment cards more secure, but its safety net has significant limitations.
EMV, which stands for Europay, MasterCard, and Visa, technology promises to make your use of credit and debit cards safer than ever but the chips are not a cure-all when it comes to fraud. You may already have an EMV card, but you still need to be careful, understanding when and whether you are protected.
What is an EMV card?
EMV cards are equipped with a small computer chip that creates a unique code every time the card is used this code cannot be used again. Current credit and debit cards contain a magnetic strip that produces the same code every time it is used, making these cards easy to duplicate.
There are two types of EMV cards, â€śchip and PINâ€ť and â€śchip and signature.â€ť Chip and PIN cards require you to place your card in the chip enabled terminal and then enter your PIN to finish the transaction. Your card is not ejected from the terminal until the transaction is complete. Chip and signature works the same way, but rather than entering your PIN, you must sign to complete the purchase.
Chip and PIN cards are considered the more secure option, but the majority of EMV terminals in the U.S. will only be able to accommodate chip and signature transactions. This option is more secure than the magnetic strip cards, but requiring a PIN would cut down on fraud even further. Merchants and banks were concerned that requiring consumers to enter a PIN for each transaction would be too time consuming and would turn people off from using their cards.
How do you use your new card?
Most U.S. banks and credit card companies have already started issuing EMV cards to their customers. Research and consulting firm Aite Group estimates that 70 percent of credit cards and 40 percent of debit cards in the U.S., 1.1 billion cards total will support EMV by the end of this year.
If you have received a new card with a small chip on the front, you have an EMV card. While you may be prepared to make the EMV switch, many merchants are not. Youâ€™ll notice that your EMV card still has a magnetic strip on the back. This is to allow you to use the card in old magnetic stripe systems until all merchants have upgraded their systems.
In a store or restaurant that is still using the old payment systems, you would swipe your card as you normally do and carry out the transaction from there. The EMV technology would not be used in these situations. However, if you use your card at a merchant with a chip enabled terminal, you would â€śdipâ€ť your card in the machine (like you do at an ATM) and the terminal will ask for your PIN or your signature. You can then remove your card from the payment terminal.
The liability switch
The introduction of EMV cards has also changed the liability for fraudulent transactions. Currently, the bank or payment processor is responsible for reimbursing the consumer in all cases. After the Oct. 1, 2015, deadline, the liability will depend on the transaction. For example, if you use an EMV card at a merchant that has not upgraded their payment systems to accept EMV cards, the merchant will be liable for fraudulent charges rather than the bank. But if your bank or credit card company failed to issue you a new card and you use your old card at a merchant with EMV enabled terminals, the card issuer is still liable.
How will EMV cards lessen fraud?
As previously mentioned, these new cards contain micro-processing chips, making them dynamic, rather than static like older cards. The chip communicates with the payment terminal and creates a new transaction code for every purchase. Therefore, your card cannot be duplicated and used.
If you were to use your EMV card at a store that has been breached, your credit card data on file cannot be used to create a counterfeit card. The one time transaction code will be stored, but that code will not work again. So while EMV cards will not stop data breaches from occurring, they will protect your personal information and thereby reduce the profit that thieves currently make from duplicating and selling physical cards in the underground market.
But they wonâ€™t stop everything
You may still be in trouble, though, if your physical card is lost or stolen. Because the majority of U.S. payment terminals will only ask for your signature (rather than a secure PIN), a thief could successfully use your physical card by forging your signature. Furthermore, EMV cards will not protect you during online transactions. Because you are not entering your card in an EMV terminal for online payments, the chip technology is not being used. Therefore, if a hacker can get your payment card data from your online purchase (card number, expiration date, and security code) they can continue to make fraudulent online purchases. Similarly, if a thief is able to get your credit card number from a data breach, he would be able to successfully use the card online. EMV cards will decrease the amount of counterfeit cards being created but wonâ€™t do much to stop stolen card fraud or online fraud.
Making the switch to EMV cards is a step in the right direction but it isnâ€™t the cure all for our fraud problem. The chip and signature cards being introduced in the United States donâ€™t fully protect you from fraudulent charges. You must continue to take precautions to keep your accounts safe.
You should sign up for text or email notifications for your new EMV card. By doing so, you will receive a notification every time your card is used. If you see a charge you did not make you can quickly resolve the fraud with your bank or credit card company.
You should also continue to monitor your statements carefully. In many cases a thief will test your card with small charges first, so be on alert for any transaction you did not make.
Staying proactive about your bank and credit card security is the best way to keep your accounts safe from the hackers.
Edward J. Kohlhepp, CFPÂ®, ChFC, CLU, CPC, MSPA
Edward J. Kohlhepp, Jr., CFPÂ®, MBA
Please contact us whenever there are any changes to your financial situation, personal situation or investment objectives.