MONEY

Credit card security: Swiping is out, chips and dips are in

Julie May
For The Tennessean
You may have already received a card with the new microchip technology. However, only some retailers have new compatible card readers that let you “dip” your chip into the machine instead of swiping. And new cards also have a magnetic stripe, for any purchase you make at a retailer using the older systems.

We’re entering the busiest shopping season of the year, and after the many data breaches of years gone by, consumers, banks and retailers can rejoice with tidings of greater credit card security on the way.

You may have already received a card with the new microchip technology. However, only some retailers have new compatible card readers that let you “dip” your chip into the machine instead of swiping. (And new cards also have a magnetic stripe, for any purchase you make at a retailer using the older systems.) But — as of Oct. 1, 2015, retailers still using swipe readers are financially responsible for any credit card fraud, instead of the bank that issues the card. So you’ll see new machines more and more often.

The benefits of the chip

Microchip technology (also called EMV, for the three companies primarily driving the innovation: Europay, Mastercard, Visa) is far harder to counterfeit than magnetic stripes, because it creates a unique identifier for each transaction using the microprocessor instead of only transmitting your account information.

Consumers won’t see a big difference in the process. Initially retailers may still ask you to sign some credit card receipts, but over time, all retailers should switch to PIN-approved transactions for chipped cards. Signature-authorized transactions don’t offer the same protection against fraud that PIN transactions do, however. Your signature could be forged, but a PIN number and card are unlikely to be stolen together.

Slow, expensive roll-out

Despite the benefits to retailers and consumers, the technology is rolling out slowly in the United States, despite being the standard in Europe for several years. ACI Worldwide conducted a study that indicated 60 percent of consumers using credit cards have yet to receive a microchip card from their bank.

And despite national chains like Target and Wal-Mart jumping on board — eager to button up against fraud risk with the new technology — smaller retailers may balk at the cost of switching out terminals for chip-and-dip (EMV) card readers. Each terminal could cost from $500 to $1000.  Only 27 percent of retailers in the United States had implemented chip terminals by the deadline of October 2015, according to the Strawhecker Group.

Mobile payment processor Square offers a signature-enabled EMV reader for $29, though, and some retailers who had previously used more expensive traditional terminals may explore switching to Square or another mobile-assisted payment option.

Retailers and card issuers alike may be swayed to switch to EMV evidenced by the dramatic reduction in fraud in the European market after chip technology became the norm. The Aite Group says chip technology is responsible for a 44 percent drop in counterfeit card losses in the United Kingdom in the first 10 years of widespread use.

What Microchips don ’t do

Because it counts on interacting with the card reader at the point of sale, microchip technology doesn’t make a dent on fraudulent use of credit cards for Internet purchases or over the phone. It doesn’t prevent data breaches, but as it’s more widely used, it will be able to limit the useful information credit card hackers can get their hands on.

How retailers can protect themselves

Today, retailers need to figure out how quickly they can switch to EMV/chip readers, if they haven’t already. With low-cost options available, it’s the best way to limit liability. But realize that if you use card readers that depend on signatures instead of PINs, your customers are still susceptible to fraud.

Over time, getting the vast majority of U.S. card transactions onto chipped cards will reduce fraud, and at the same time, reduce the related hassles. EMV cards aren’t a cure-all, but this chip-and-dip recipe is sure to be a hit with consumers, retailers and banks in the long run.

Julie May is CEO and founder of Bytes of Knowledge, Middle Tennessee’s premier partner for technology strategy and an award-winning provider of software development, network infrastructure and marketing technology solutions. We want to know you — please visit bytesofknowledge.com.