Credit Card Fraud and EMV Chips
You may have noticed that your recently issued credit cards now how a chip embedded in them. New here in the United States are Smart Card credit cards. The enhanced security features are designed to prevent thieves from cloning credit cards and then charging purchases to customers’ accounts. In 2015 criminals charged up over $4 Billion in fraudulent charges. The new cards are designed to ensure the credit card is a legitimate credit card and has not a clone.
In other countries, the EMV chip-based credit cards have been in use for some time now and have drastically reduced credit card fraud in those countries. According to MasterCard in the first-year implementation (2015-2016), counterfeit credit card cost has dropped 54%. The PCI Security Standard Council has reported a 72% decrease in face to face fraud in the UK and 48% decrease in domestic counterfeit fraud in Canada.
Over 6 million merchants in the US have upgraded their systems. However, not all retailers have upgraded their systems to accept the new EMV chip credit cards. This means there will still be losses related to credit card fraud for the foreseeable future.
The other problem is there are over 1 billion credit cards issued in the United States, and banks have only replaced 600 million in the last two years. This means there are plenty of cards that can by counterfeited and plenty of merchants the fraudulent cards can be used at.
Merchants have raised complaints about the costs of changing to the new EMV readers. According to the National Retail Federation, the cost was $25 to $30 billion in 2015. The Card brands (MasterCard, Visa, Discover, Ameican Express, and JCB) plan to shift liability to merchants who do not have the new EMV readers. This means if they don’t upgrade they will be on the hook for all losses of the banks and consumers if they have a breach. Visa and MasterCard have different dates as to when the liability will switch. Currently, MasterCard has transferred liability to merchants in October of 2016, and Visa plans to transfer liability a year later on October 1, 2017.
Breaches can be expensive for merchants, one estimate for the Target breach was over $1 billion is fines and expenses related to their breach, according to a speaker at the 2017 RSA Conference. This should be incentive enough to move to the new EMV chip system as soon as possible.
Gas station terminals have been granted a year’s reprieve from the switch of responsibility given the drastic number of unattended payment terminals gas pumps.
Of course, this change in credit card processing is long overdue. The magstripe technology is over 50 years old and has been a large risk for banks and merchants.
However, this does little to nothing to improve security for online purchases. Fraudsters will simply move to softer targets; this means as we see a decrease in card present transactions we should see renewed efforts on the part of fraudsters to try and commit online transaction fraud.
For more information see