Today, 1st October 2015, is the deadline for US-based Banks and Retailers to roll out Chip-embedded Credit Cards (powered by EVM Technology) to customers that will make transactions more secure.
EVM Technology stands for Europay, MasterCard and Visa -- a global standard for Payment Cards equipped with Chips used to authenticate chip card transactions.
Starting Thursday, Merchants must have new Payment Terminals installed to accept Chip Cards in their stores or restaurants. Otherwise, they will be responsible for credit card frauds.
Stephanie Ericksen, Visa's Vice President Risk Products said, "That's the date by which if a merchant doesn't have a chip terminal, and a counterfeit card is used at that location, they may be liable for that fraud on that transaction.''
60% Customers Still have Old Credit Cards
However, If you have not received a new credit card with chip technology, don't worry, you are not alone.
According to latest stats revealed by MasterCard, 60% customers still have Old Credit Cards based on Magnetic Stripe Technology, and it could take next 2-3 years to transform the whole payment system.
“The number of chip cards in the U.S. from these issuers will grow to 60 percent by the end of this year, expanding to 98 percent by the end of 2017,” MasterCard said.
In the wake of numerous high-profile Data breaches, including Target, Neiman Marcus or The Home Depot, and increasing rates of Credit Card Fraud, the Payment Card distributors are migrating to this new technology to reduce the costs of Frauds.
Traditional Magnetic Stripe cards transmit your account number and secret PIN to merchants, which could be easily hacked by fraudsters and cyber criminals.
Whereas, In case of Chip-n-PIN EMV Card, Embedded microchip stores your data in encrypted form and only transmits a unique code (one-time-use Token) for every transaction, making it difficult for cyber criminals to use the card for counterfeit fraud.
Thus, the need to bring the Chip-n-PIN technology as soon as possible was intended. To elaborate more on Chip and PIN Smart Payment Cards, they are capable of:
- Initiating Two-factor authentication (2FA) by applying Tokenization process.
- Decreasing card Counterfeit rates.
- Contactless card reading.
- Eliminating the Card swipe method by enabling “Card Dipping”- putting the card into a terminal slot and waiting for it to sense and process.
Also, if these EMV cards get stolen, the information on the chip gained by an attacker will be of no use because the stolen transaction number created in that instance is unique and cannot be reused and after “dipping” it will deny the card.
This New Payment Card can be called by various names, such as:
- Smart card
- Chip card
- Smart-chip card
- Chip-enabled smart card
- Chip-and-choice card (PIN or signature)
- EMV smart card
- EMV card
- Chip and Dip card
Is Chip and Pin Technology Safe Enough?
Well, all anti-cloning theories are already proven wrong by security researchers and hackers.
Check out some previous articles posted on The Hacker News about hacking Chip-and-Pin cards :
- Pre-Play Vulnerability Allows Chip-and-PIN Payment Card Cloning
- Chip and PIN payment card system vulnerable to Card cloning
- Fraudsters Physically Deploy Malicious Software to Hack ATMs
- FAQs about EMV credit cards
- Smart ATM offers Cardless Cash Withdrawal to Avoid Card Skimmers
Also, for online usage, neither a PIN nor a Signature is required, so just stealing credit card numbers is sufficient to use them for Fraud.
Moreover, as a solution, mobile payment and digital wallet services like Apple Pay and Google Wallet can be promoted by adopting more robust security mechanism and protocols; and making monetary transactions more safe and easy.
Another solution could be considered as the use of multiple factor authentication methods like Biometrics.
Also, you can take a sneak peak into this Video, where Jerry Irvine, member of the U.S. Chamber of Commerce Cyber Security Leadership Council and CIO of Chicago-based Prescient Solutions, in an interview with Slashdot Media discusses the new technology and its principles that promise safe payment practices.
Popular Deals From Our Store
Ethical Hacking Certification Training
Get Professional Ethical Hacking Certifications: CEH, CHFI, CISM, CISA, CISSP Trainings.
96% Off Get this Deal
Computer Hacking Forensic Investigation
Online Hands-on Training with Lifetime Access to Forensic Investigation Certification Classes.
98% Off Get this Deal