It has been over a year since the EMV transition deadline passed and most people now have chip-enabled credit and debit cards. But there still seems to be misconceptions about EMV cards and terminals and how they work to protect consumers and businesses. Here are a few facts to help you learn the truth about chip card security:
They Are More Secure
EMV cards are more secure than the old magnetic stripe cards because of the computer chip that is implanted in the front of the cards. Magnetic stripe cards contained unchanging data that could be stolen or duplicated and used over and over again by criminals. In comparison, chip cards create unique transaction codes for every purchase, which means they can’t be duplicated because the information expires after a single transaction.
Another benefit to chip cards is encryption. When you dip your card at a payment terminal, the two pieces of equipment communicate with each other. With encryption, the communication is scrambled so if a hacker breaks in, they won’t be able to understand what is being said and steal the information, explains Square.
They Don’t Solve Everything
Even though chip cards are more secure, they still have weaknesses and flaws. As identity fraud protection company LifeLock notes, a big weakness in the U.S. chip card system versus the European system is the lack of a PIN. Europe has been so successful with its chip card transition because of the two-pronged approach, but the U.S. has opted for a “dip and signature” method. LifeLock explains that although it is more difficult than the magnetic cards, criminals could still get away with a phony purchase with a stolen card and a fake signature.
Another flaw with chip cards is that they still have a magnetic stripe on the back that can be used for payment terminals that have not been converted. Many businesses resisted changing their payment terminals and still require customers to swipe their cards. CNN reports that security researchers at payment technology company NCR found a way to rewrite the magnetic stripe on the back of chip cards to make payment terminals think they are chipless. This would enable hackers to steal information the same way as the old magnetic stripe cards. Users also are at greater risk if businesses’ payment terminals do not encrypt the transaction.
They Can Be Improved
There are some ways you can boost your card security as a consumer. LifeLock suggests several ways to minimize your risk and monitor your cards for any signs of fraud. For example, you should avoid checking financial information, such as your bank statement or card balance, on public Wi-Fi because you don’t know if it’s a secure network. You also should monitor your credit card statements and check for any recurring payments to make sure everything adds up and was purchased by you.
Whether your card has a chip or a stripe, the technology doesn’t protect you for online purchases. Be sure to create strong passwords (don’t use names or birthdays) and change them frequently. You also should only purchase items from sites you trust and pay attention for signs of a scam. Chances are, if it feels like something is off, it probably is. Trust your intuition and play it safe so you don’t have to sort out identity fraud later.