September 19, 2018

EMV Security Technologies Boosts Credit Fraud Protection

Credit card displays new EMV chip technology

Credit card displays new EMV chip technology

Costs of credit card fraud in the U.S. alone are estimated at $8.6 billion per year. One of the ways to combat this problem is through EMV security technologies. EMV chip cards are being added to the arsenal of weapons calculated to help secure the U.S. payments infrastructure. The added protection is important because by October 2015, major networks will shift fraud liability to either the issuer or the merchant, depending on which has the least secure technology. October 2015 is the date that card issuers such as American Express, Discover, MasterCard and Visa are required to update to EMV chip cards, terminals and processing systems.

Key Features

EMV chip technology was developed jointly by Europay, MasterCard and Visa in 1994, to create a global chip specification payment system and prevent financial fraud. The key features of the chip in credit cards are that they store information, perform processing, are a secure element which stores secrets and performs cryptographic functions. They protect against counterfeit fraud through authentication of the chip card and smart phone. They validate the integrity of the transaction through digitally signing payment data.

EMV chip technology is an extremely effective method of reducing counterfeit and lost/stolen card fraud in a face to face payments environment. That is why the PCI Security Standards Council supports the deployment of EMV. EMV chip cards, have advantages over traditional magnetic stripes. The chip’s security code changes with every purchase and the card is much less vulnerable to counterfeiting, experts say. The chip can not be duplicated.

Worldwide Adoption

EMV technology has spread globally.

EMV technology has spread globally.

EMV technology will reduce the chances for fraud, but the evolution to the new technology will take some time. Merchants will have to change equipment to read the chip’s security code. Magnetic stripes won’t disappear overnight. During the transition, cards will still be vulnerable to counterfeiting.

In early June, Sam’s Club introduced a rewards credit card using the chip. Sam’s parent company, Walmart, will follow suit later this year. Target, which was the victim of a huge security breach recently, has opted to add chip-and-PIN technology to its store-branded cards early next year.

The shift to EMV is part of a systematic upgrade of payment security that is being developed to counteract weaknesses that lead to security breaches. Among the budding technologies is “tokenization,” which would substitute a meaningless string of alphanumeric characters and biometrics for current credit card credentials. Anything that will stymie hackers in their pursuit of other people’s personal information is likely to be scrutinized.

Data Breaches

A large-scale data breach, such as those the country has experienced in recent months, could still affect your card, industry leaders say. If Target, for instance, had been already using the chip technology before its system was breached, it would not have protected the company from hackers who infiltrated the company’s database through a third party access credentials. That gave the hackers information on cardholder account numbers and personal information, such as names, addresses and phone numbers that greatly increased the scope for identity theft.

Best Practices

Until the problems of protecting ID are resolved, take a proactive stance. Protect your card against fraud or data breach, as much as possible. Use unique and more sophisticated passwords for online accounts, monitor your bank statements and sign up for available alerts. Report immediately to your financial institution if your card is lost, stolen or compromised so it can be replaced with a new number as quickly as possible. That will save you the hassle of disputing unauthorized charges

Hacking A Serious Problem

Web auction site eBay said it's systems were hacked and client identity information was stolen. (Justin Sullivan/Getty Images)

Web auction site eBay said it’s systems were hacked and client identity information was stolen. (Justin Sullivan/Getty Images)

Hacking is not a minor occurrence any more. This year, those who track the problem report, about half of American adults — about 110 million — will have their personal information accessed by a hacker. Huge data breaches at well-known companies such as Target and Adobe and others are reported too often to ignore.

Ponemon Institute researchers reported that up to 432 million accounts were hacked during the past year. The institute studies issues involving privacy, data protection and information security policy.

The true picture is obscured by policies at some companies, such as AOL and eBay not to divulge the complete details of cyber breaches. But if the exact numbers are elusive, the damage is easy to see. If you are hacked, a thief has access to your name, credit and/or debit card information, email, phone number, birthday, password, security information and physical address.

That makes it easy for people you’d rather didn’t know those details about your life to find you. An abusive ex-spouse, for instance. Not to mention the financial havoc that can be generated by stolen credit card data.

The revelations about huge corporate breaches have become so common that people have become numb to them, researchers say. The numbers are so frequent and the damages so astronomical that they’re hard to assimilate. Among recent instances:

Target, with 70 million customers’ personal information compromised, including 40 million credit and debit cards. Adobe, with 33 million user credentials in the wrong hands, along with 3.2 million stolen credit and debit cards. Snapchat, with the account data of 4.6 million users stolen. Michaels, with 3 million payment cards compromised. Neiman Marcus, breach of data from 1.1 million cards. AOL, data from “a significant number” of the company’s 120 million accounts stolen.
eBay, with possible theft of information on 148 million customers

Americans are increasingly moving more of their lives online. They do shopping, banking and socializing online. Merchants use the Internet to conduct and process transactions. Your data is everywhere: your phone, laptop, work PC, website servers and countless retailers’ computer networks. How vulnerable does that make you feel?

And the deeper the well of information gets, the smarter the hackers become. Their weapons are numerous and they have learned to roam inside corporate networks virtually at leisure before triggering alarms. The pierced, Goth malcontent of the past is gone. Large-scale theft is targeted with militaristic precision. Hackers work in teams and they are able to create malware that attacks specific targets.

Too often, these experts in cyber theft are pitted against underfunded volunteers whose job is to protect the Internet. People who use outdated software that no longer receives security updates are easy prey for the hackers.

“It’s becoming more acute,” said Larry Ponemon, who heads the institute. “If you’re not a victim of data breach, you’re not paying attention.

The headlines announcing heavy-duty breaches have become a modern phenomenon. Watch for more.