The United States has successfully resisted chip and pin technology for nearly a decade, and we’ve got the data breaches to prove it.
In the wake of massive data breaches at Target, Neiman Marcus, and most recently Michaels, there has been talk of switching to more secure technology in the United States. While this may sound like the perfect data breach solution, the reality of chip and pin technology is not as ideal as some claim.
Keep reading to learn why chip and pin cards aren’t a quick fix, or the end-all-be-all, for credit card security.
Credit Cards In the U.S.: A Decade Behind
Chip and pin technology has been a standard in Europe and Canada for years, and the U.S. is now turning to these countries in search of a solution to the increase of recent data breaches. Breaches in the States account for more than half of all data breaches worldwide.
Even though the need to implement better credit card security is long overdue, transitioning away from cards with magnetic strips will be a lengthy process. Cards, payment terminals, and software will need to be replaced. This is a large-scale operation that implicates cardholders, merchants, credit card companies, and banks.
Security measures need sophistication and speed that can rival that of advancing hacking technologies. Companies and consumers can’t afford to wait for chip and pin technology without pursuing other security options.
The Price to Overhaul
Attached to the massive scale of its implementation is an equally large price tag. Target has estimated that installing chip and pin card readers in all of their retail stores would cost $50 million. Credit card companies, banks, and retailers must answer the question of who should be responsible for footing the bill.
Implementation cost is not the only financial consideration. Shifting to chip and pin technology requires an assessment of who is liable when fraudulent activity occurs. In the future, U.S. merchants who do not equip their retail stores with chip and pin card readers will be held responsible for fraud.
This “liability shift” may be the much-needed nudge that pushes chip and pin into widespread use, though it wouldn’t be effective until the end of 2015.
Would Chip and PIN Have Prevented Target Breach?
Chip and pin cards are more secure, since the technology makes it harder to clone and abuse card information. There has been a decrease of credit card fraud in Europe since the adoption of chip and pin, especially when compared to the use of fraud-prone magnetic cards in the United States.
Still, chip and pin does not guarantee security. Several data breaches in Europe have shown that chip and pin technology is not infallible.
In the case of the Target data breach, chip and pin technology would have made information acquired by point-of-sale malware less valuable to hackers, because the card information would have been difficult to duplicate. However, information stored in the company’s computer system would still have been at risk.
This certainly makes chip and pin a valuable security investment, but not one that will single-handedly prevent destructive data breaches.
The biggest takeaway from the discussion of chip and pin technology in the U.S. is the need for collaboration to improve security standards across the board. Vendors, banks, credit card companies, and customers will need to collectively work toward better information and credit card security.
Chip and pin may be a tried-and-true success in Europe and Canada, but it’s clear that hackers are constantly developing new ways to get around security measures. It will take creative, collective, and timely action to ensure that private personal data stays private in an age of information sharing.
Lastly, MasterCard has called for another credit card security measure: tokenization. This happens when generated data replaces real credit card information when a purchase takes place, keeping the purchaser’s info safe. If you use DoNotTrackMe’s Masked Cards to make purchases (online or in stores), you can already do this on your own.