Payment Card processing systems upgrading to Chip-and-PIN and Point-to-Point Encryption
The massive data breaches in U.S retailers 'Target' and 'Neiman Marcus', in which financial credentials of more than 110 million and 1.1 million customers were compromised respectively, have put a spotlight on the need for more secure transactions.

To tackle this issue, the two major payment card brands, MasterCard and Visa have announced the formation of a new cross-industry group that will focus on the security of the enhancing payment system to keep pace with the expectations of consumers, retailers and financial institutions in the United States.

"The recent high-profile breaches have served as a catalyst for much needed collaboration between the retail and financial services industry on the issue of payment security," says Ryan McInerney, president of Visa Inc. "As we have long said, no one industry or technology can solve the issue of payment system fraud on its own."

The joint effort aims to advance the migration to EMV chip cards, also known as PIN-and-chip cards and to promote additional security solutions like tokenization and point-to-point encryption as well.

When we talk about the Chip technology, it generates a unique code for every transaction, making it nearly impossible for criminals to use the card for counterfeit fraud.

As the Target hack exposed that traditional magnetic stripe payment cards transmit your account number and, in the case of debit cards, your secret PIN to merchants, but in case of 'Chip-and-PIN' cards you're not transmitting an actual credit card number, instead it transmits a one-time-use token number that banks and card processors can match up with your account on the other end to process the transaction, but that doesn't reveal your account number, even with the merchant.

Merrill Halpern of the United Nations Federal Credit Union, a pioneer in the use of chip cards says in an interview with Information Security Media Group, "A PIN cannot be compromised. ... And the chips cannot be copied" and stresses that "EMV also is providing the foundation for moving ahead with more secure transactions, no matter what [type]. It's flexible and it's an evolving standard."

Besides these two cards brands, the alliance will include the banks of all sizes, credit unions, acquirers, retailers, point-of-sale device manufacturers and industry trade groups, says the card brand in the press release. The importance of formation of the group is to work together to deliver meaningful solutions that will benefit consumers, merchants and financial institutions of all sizes and will ensure that all voices can contribute to the strategic direction of payment security.

Group Focuses on:
  • Advancing the migration to EMV in the United States.
  • Promoting additional security solutions like tokenization and point to point encryption.
  • Developing an actionable roadmap for securing the future across all segments of the payments industry.
"One of the critical roles we play is to protect consumers and businesses against criminals and fraudsters," said Chris McWilton, president of North American Markets, MasterCard. "Only through industry collaboration and cooperation will we address the real and immediate issue of security and maintain consumer confidence and trust. EMV will be the next step in these efforts, alongside enhanced security solutions for online and mobile channels."

Both the card brands are serving organizations and people globally. MasterCard is a technology company in the global payments industry that operate the world's fastest payments processing network in more than 210 countries and territories, and Visa Inc. is a global payments technology company that connects consumers, businesses, financial institutions, and governments in more than 200 countries and territories to fast, secure and reliable electronic payments.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.