As of last month, a majority of US banks will have replaced most traditional debit and credit cards with newer, ideally more secure versions that rely on a microchip instead of a magnetic strip for data storage. What many people don’t know is that this new-fangled chip technology is not 100% secure! The FBI has issued warnings to law enforcement, merchants, and the general public to promote awareness that no single technology can completely stop fraud.
What is an “EMV” credit card?
EMV refers to the first three adopters of the chip card technology, Europay, Mastercard and Visa. Also known as “chip-and-signature,” “chip-and-pin,” or “smart” cards, these new credit and debit cards offer more secure use than the outdated magnetic strip technology that has been the standard for years. EMV card transactions work between the merchant and the cardholder’s bank with a code that is unique to each individual transaction, which results in greater security and generally ensures less vulnerability to criminal activity while the data is in transit.
What dangers does the EMV card present to users?
Despite the fact that the chip technology is certainly more secure than the traditional magnetic strip, the reality is that lost or stolen cards can be more readily exploited for use in stores, online and over the phone. In the latter two instances, the chip is not physically provided for the purchase (known as “a card-not-present transaction”), which negates most of its potential security measures. Furthermore, given that banks are issuing cards with both magnetic strips and chip technology to accommodate merchants that haven’t updated yet, criminals can still steal data from the magnetic strip for illegal purposes. If the merchant has failed to upgrade to an EMV terminal, there is a chance it can become infected with data-capturing malware.
How can you protect yourself?
- Ensure that you protect the personal information specific to your card, such as your account number and PIN.
- When entering your PIN for a purchase, be sure to always shield your input from the view of other customers and potential thieves.
- Cardholders that have lost their card, or suspect it has been stolen should contact their bank as quickly as possible to minimize the chance of fraud.
- Merchants are urged to handle the EMV card and its data with the same precaution they use for traditional credit cards.
- For sales over the telephone or via the Internet, merchants are encouraged to employ additional security measures to verify the authenticity of the card in question.
- Servers and payment links used by merchants for all Internet transactions with credit and debit cards need to be properly encrypted to limit the chance of hackers accessing the information given by cardholders.
If you believe you have been a victim of credit or debit card fraud, contact your local law enforcement or FBI field office to file a complaint with the Internet Crime Complaint Center (IC3) at www.IC3.gov. To stay up to date on the latest developments in tech security, be sure to regularly visit DS410 online, or get in touch at (646) 583-0410 or firstname.lastname@example.org.