EMV may not be silver bullet to fighting credit card fraud
09 May, 2013
category: Financial
The Federal Reserve recently published an article about the United States’ impending transition to EMV cards, saying that the U.S. may not have enough of a structure in place to reap the benefits of EMV’s capability to fight fraud.
In this article, senior economist Richard Sullivan with the Federal Reserve Bank in Kansas City looks at the ways fraud permeates with magnetic stripe cards, and it also examines France, the Netherlands and the United Kingdom’s transition to EMV and how it affected the rates and types of credit card fraud in those countries.
One of the issues with magnetic stripe cards, notes Sullivan, is that they are easily stolen and counterfeited. It’s also easy for criminals to use them to make fraudulent purchases on the Internet, by mail order or telephone order. Other vulnerabilities with mag stripes is that the authentication protocols are static, which also makes counterfeiting easier.
Because chip cards are encrypted to protect data, they are much harder to counterfeit. Chip cards and contactless cards also use dynamic data authentication, which also reduces the incentive to counterfeit the card. However, the fraud paradigm shifts, as criminals seek out different ways to steal credit card information.
In looking at other countries’ EMV transitions, Sullivan writes that the U.S. could experience fraud decreases by as much as 40%, but if certain practices continue, such as having cards with both chips and magnetic stripes, as the Netherlands chose to do, because the easy access to account data will still exist. Keeping the signature feature on the card is also less secure than using chip + PIN due to the ease of forging signatures.
Some companies in the U.S. are pushing back on the idea of adding EMV capabilities, saying that the cost of installing new terminals in all of their retail locations may outweigh the benefits of the new technology. Yet, Sullivan notes that with the implementation of EMV and dynamic data authentication, some fraud will decrease. While other types of fraud will increase, if the U.S. works at putting together a fraud monitoring system that can collect and report statistics on payment fraud, it will have a better opportunity to respond to trends in fraud.