Back to Back Issues Page
Watch For Scams Newsletter. Microchip Credit Cards Still Vulnerable
October 09, 2015
Hello

Microchip Credit Cards Still Vulnerable

Watch For Scams is dedicated to helping you avoid becoming a victim of fraud.

If you like this ezine, do a friend a big favor and forward this to them. If a friend forwarded this to you, and if you like what you read, please subscribe by visiting the link below:

Subscribe Here

Microchip Credit Cards Still Vulnerable

Many banks will have now replaced millions of traditional credit cards, which rely on data stored on magnetic strips, with new credit cards containing a microchip known as an EMV chip. While EMV cards offer enhanced security, these cards can still be targeted by fraudsters.

TECHNICAL DETAILS

What is an EMV credit card?

The small gold chip found in many credit cards is most often referred to as an EMV chip. Cards containing this chip are known as EMV cards. The name “EMV” refers to the three originators of chip-enabled cards: Europay, MasterCard, and Visa. EMV chips are now the global standard for credit card security. Unlike traditional credit cards that store data on a magnetic strip, EMV cards store card data in tiny integrated circuits and are authenticated when the cardholder inputs a PIN into a PoS terminal.

With traditional credit cards, the magnetic strip on the back of the card contains data and personal information about the cardholder. This information is used to authenticate the card at the point of sale (PoS), before the purchase is authorized. While most EMV cards still retain the traditional magnetic strip and the cardholder’s signature on the back of the card, they offer the additional enhancement of the microchip embedded into the card.

This allows merchants to verify the card’s authenticity by the cardholder’s personal identification number (PIN), which is known only to the cardholder and the issuing financial institution. In addition, EMV cards transmit transaction data between the merchant and the issuing bank with a special code that is unique to each individual transaction. This provides the cardholder greater security and makes the EMV card less vulnerable to hacking while the data is transmitted from the PoS to the issuing bank.

THREAT

Although EMV cards will provide greater security than traditional magnetic strip cards, they are still vulnerable to fraud. EMV cards can be counterfeited using stolen card data obtained from the black market. Additionally, the data on the magnetic strip of an EMV card can still be stolen if the PoS terminal is infected with data-capturing malware.

Further, the EMV chip will likely not stop stolen or counterfeit credit cards from being used for online or telephone purchases where the card is not physically seen by the merchant and where the EMV chip is not used to transmit transaction data.

DEFENSE

Consumers should closely safeguard the security of their EMV cards. This includes being vigilant in handling, signing, and activating a card as soon as it arrives in the mail, reviewing credit card statements for irregularities, and promptly reporting lost or stolen credit cards to the issuing bank.

When using the EMV card at a PoS terminal, consumers should use the PIN, instead of a signature, to verify the transaction. This fully utilizes the security features built within the EMV card. Consumers should also shield the keypad from bystanders when entering their card PIN.

If you believe you have been a victim of this type of scam you should promptly report it to the IC3's website at www.IC3.gov. The IC3's complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration.

Remember - always watch for scams!

Steve

Back to Back Issues Page