Did you get a replacement credit card in the mail recently? Are you confused as to why?
You’re in good company. The U.S. is adopting a significant change in how credit card payments are processed in stores, which will have consumers inserting cards equipped with a special chip rather than swiping at the checkout counter, but many people are still in the dark.
Nearly 3 in 5 of the 1,000 consumers surveyed by payments solutions company ACI Worldwide have not yet received a chipped card. Among those who already have their new card, only 32 percent said they understand the U.S. is moving to a new card processing system.
To get up to speed, here are seven things you need to know about the transition to chipped technology.
The U.S. is the last major country to transition its cards. The U.K. was the first to adopt the new payment system, known as the EMV standard. Developed by and named for Europay, MasterCard and Visa, EMV requires cards be outfitted with a chip that transmits a unique code for each transaction. The technology dramatically reduces the ability of thieves to use stolen credit card numbers in stores.
The U.K. adopted the standard in 2006, followed by Australia in 2008 and Canada in 2012. However, the U.S. has lagged behind implementing chip technology and is the last industrialized country to adopt EMV. According to EMVCo, Western Europe had nearly a 84 percent EMV adoption rate as of 2014, while the U.S. adoption rate was about 7 percent.
“There was a perception that perhaps a better technology would come along,” says William Bondar, senior vice president of retail payment at PNC Bank.
What’s more, until recently, experts say there hasn’t been a pressing need to increase card security. “Our banks are very good at detecting fraud right after it happens,” says Deborah Baxley, principal of cards and payments at Capgemini Financial Services, noting institutions have developed systems to quickly flag questionable transactions and minimize losses.
EMV standard hoped to deter foreign fraudsters. However, as other countries migrated to the EMV system, thieves and hackers have increasingly turned their attention to the U.S. In 2013, The Nilson Report found that while the U.S. accounted for only 24 percent of global transactions in terms of dollars, the country represented 47 percent of global fraud losses.
“As we know, fraudsters have been pretty successful at breaching card data,” says Allison Edwards, director of product delivery for the card services division at financial services technology firm Fiserv.
Major data breaches at giant retailers such as Target in 2013 and Home Depot in 2014 highlighted how hackers were able to steal sensitive information undetected. Without EMV technology in place, it was then a relatively simple process to turn stolen data into useable credit cards.
Counterfeiting cards will be more difficult. Chip technology will not eliminate data breaches since it is a security measure for cards and not for database systems, but it can minimize the damage.”Even if fraudsters gain access to some of the data, they can’t counterfeit cards,” Edwards says.
That is because even if criminals could figure out how to duplicate the unique codes transmitted by a chip, replicating and producing cards would be expensive. In addition, EMV prevents someone from taking the number from a chipped card and putting it on a traditional, magnetic swipe card.
“If a criminal counterfeited a card with a chip on it, the system will know that card is supposed to have a chip,” Baxley says. If the chip can’t be read, the card will be declined.
Online fraud may be increasing. Since chipped counterfeit cards are impractical to make, EMV adoption often has the unintended side effect of increasing online fraud. Criminals typically opt for Web transactions, which don’t benefit from the protections afforded by chip technology.
“The data shows that fraud will migrate online at alarming rates as criminals and cyber thieves shift their approach to exploit the weakest target,” a spokesperson for e-commerce security provider Trustev wrote in an email.
The firm notes that fraud related to “card not present” transactions (usually those completed online or over the phone) jumped 100 percent in both Australia and Canada after those countries embraced EMV. Meanwhile, the U.K. saw an 89 percent increase in fraud in the years after its implementation of chip technology. Trustev says it’s bracing for a predicted 106 percent increase in online fraud in the U.S. in the coming years.
But not everyone is convinced we’ll see a spike of that magnitude. Randy Hopper, vice president of credit cards for Navy Federal Credit Union and a member of the of the industry-created Payments Security Task Force, says online fraud protection measures have matured significantly since other countries adopted EMV.
“The e-commerce market has become more complex,” he says. That complexity makes it more difficult for criminals to conduct online fraud.
It’s not chip and PIN. It’s chip and signature. Those who are familiar with EMV may be expecting a chip-and-PIN system to be implemented, which is what is used in Europe. However, the U.S. will use a chip-and-signature process instead. Consumers will still sign for their transactions as they do currently and will not be required to enter a PIN as is the case in other countries that employ the EMV standard.
“The chip alone is enough to mitigate almost all the fraud,” Hopper says. The main benefit of having a PIN is to prevent fraud in situations where a card is lost or stolen, which he says account for only about 10 percent of fraud cases.
You’ll start inserting, rather than swiping, your card. For consumers, the biggest change will be how payments are made. Rather than swiping their card on a reader, they will be prompted to insert it into the terminal, where the card must remain while information from the chip is transferred.
“The only drawback is the transaction can take longer to process,” Hopper says. “Cardholders just need to be patient.”
To smooth the transaction process, some stores are bringing in extra workers. “A lot of merchants are adding people to [register lines] to educate consumers at the point of sale,” Bondar says.
If you don’t have a chipped card, you’ll still be able swipe your card on the terminal. In addition, contactless forms of payment such as Apple Pay and Android Pay will still work with the new terminals.
Oct. 1 is a big day for retailers and banks. The banking world is buzzing about the looming Oct. 1 deadline, which will move some liability for fraudulent charges to retailers. Financial institutions currently absorb all the losses associated with card fraud, but beginning next month retailers will be responsible for those costs if a customer has been issued a chipped card but the store is not equipped with a terminal to read it. For example, if a thief counterfeits a chipped card and uses it at a store with a non-EMV terminal (one that can’t read the chip), the retailer, not the bank, is on the hook for the cost of the fraudulent transaction.
It’s a major change, but consumers likely won’t notice. “The liability shift is behind the scenes,” Edwards says. Hopper also assures consumers that the change won’t affect their fraud protections. “Consumers don’t have any liability on their cards today, and they won’t have any liability after the Oct. 1 deadline,” he says.
The transition to EMV has been underway for a while, but the liability shift is likely to spur more retailers to update their terminals to read chip cards. Still, it could be another 12 to18 months before chip readers are found in most locations.
“It’s not like Y2K where we’re flipping a switch,” Baxley says. “It’s the beginning of a long evolution.”
More from U.S. News
10 Money-Saving Websites to Check Before Shopping
12 Habits to Help You Take Control of Your Credit
Should You Trust Apps That Access Your Credit Card Information?
Your Credit Card Is Changing: What You Need to Know originally appeared on usnews.com
