By the end of 2015, 70% of U.S. credit cards and 41% of U.S. debit cards will have security chips. Yes, these are the chips that Europe, Canada, Mexico and Asia have had for years. Finally, U.S. banks and credit unions are sending out the new cards, both with the traditional strip on the back plus the chip. Merchants are installing new registers to handle them. It’s a big change.
Currently there are two primary credit card technologies in the world. In the 1960s, cards were issued with a magnetic stripe to carry encoded cardholder information. The problem is that the magnetic bits of information are “fairly simple” to decode and then can be re-encoded on another credit card to make fraudulent purchases. Europe and the rest of the world has been way ahead of the U.S. in combating fraudulent losses. Their card encrypts data within a chip-embedded card that resembles the SIM in a smartphone. These Chip-and-Pin cards are known as EMV, Europay Mastercard Visa and they make it much more difficult for the bad guys.
The huge attack on 40 million Target credit card customers last Christmas brought home the fact that U.S. credit card companies needed to start issuing the more secure, more expensive EMV cards. Just last week, grocery chain Supervalu disclosed it was investigating a breach that could affect customers at 1,000 locations. P.F. Chang’s China Bistro and Goodwill Industries have also incurred hacks. Until now, neither U.S. businesses or credit card companies wanted to make the investment. Businesses didn’t want to invest in new technology until the credit card companies had issued the new cards. And, the card issuers didn’t want to give them to customers until there was a place to use them. With the continuing breaches, the U.S. is now becoming the last of the G-20 countries to move to EMV.
However, most card issuers are not going with chip and PIN. They instead will use chip and signature. Chip and signature is less expensive and less complicated to users. And, issuers, knowing that the average American has 3.4 cards in the wallet, don’t want their card to be hard to use. Of the 14,000 banks and credit unions that issue cards, it is expected that 50% will use chip and signature, 25% chip and PIN, and 25% undecided. It’s expected that U.S. issuers will distribute more than 575 million credit and debit cards by the end of 2015, roughly half of the estimated billion cards now in circulation.
Merchants are upgrading their computer terminals. To push them along, the credit card companies have given them an October, 2015 deadline. After that, if a business that hasn’t shifted to the new “EMV-enabled” reader processes a counterfeit credit card, the business, not the credit card company, will be liable for the fraudulent charges.
The new cards will bring changes for the customer. Swiping the card generally won’t work. The card will need to be inserted in the terminal and remain there as the transaction is processed. And, if a PIN is required, the consumer will need to tap in the four-digit number when the terminal screen requests it. Yes, a little more work, but lots more security. And, with the right chip and PIN, customers can travel abroad and use their U.S. credit cards.
In the next few months, you’ll be seeing lots of information on the new credit cards. And, if you get a new card or one expires, you’ll likely get an EMV card. Using the new cards may be a little different in the beginning, but if it makes the cards more secure, it sounds like a great improvement.