EMV chip cards arrived on the financial scene in late 2015. For customers as well as businesses, the transition has been less than seamless. What are credit card chips for, and why do they only work in certain stores? If you find the switch confusing, you’re not alone. The inconsistent use of chips has many consumers scratching their heads.
Fraudulent purchases are a major issue. A whopping 47% of card fraud happens in the U.S., though Americans represent just 24% of cardholders. EMV chips (named for major credit cards Europay, MasterCard, and Visa) are designed to combat this.
Unlike traditional magnetic stripes, EMV chips create a one-time code for each transaction. The temporary code adds an extra layer of protection between the card reader and your card information. If a hacker steals an EMV chip’s code, he won’t get your actual account number. This extra encryption makes it harder for thieves to duplicate your card — and make purchases at your expense.
EMV chips won’t protect your sensitive information during online purchases, which still require you to enter your credit card number directly. Same deal with purchases or reservations you make over the phone.
EMV cards aren’t un-hackable in person, either. Back in 2011, French fraudsters stole over $650k USD by attaching a fake chip to the EMV chips on stolen cards. They were successful even though European EMV cards have an extra level of protection — PIN entry — that signature-authorized US credit cards don’t currently have.
EMV cards may also be vulnerable to some methods of digital card cloning, one of the types of fraud they’re intended to prevent.
EMV cards aren’t perfect, but they’re coming soon to a wallet near you (if they haven’t done so already).
Many retailers have upgraded to the new, chip-friendly terminals in spite of the expense. (That’s probably because businesses are now liable for fraudulent purchases if they don’t upgrade.) Credit card companies set an aggressive deadline to speed up terminal upgrades. But they’ve also slowed the process down for some business who have upgraded.
Problem: once installed, EMV terminals have to be certified. Businesses that upgrade to EMV terminals are forced to wait their turn for certification for weeks or even months. Hence the confusion at the cash register. Until certification companies work through their backlog, the “dip or swipe?” confusion will continue… on both sides of the checkout line.