Chip Card Security: Why Is EMV More Secure?
Chip card security is the latest standard in credit card security. This standard (called EMV for “EuroPay,” “MasterCard,” and “Visa”) includes a small microchip in the credit card that protects buyers against fraudulent transactions.
Because of the change in credit card security, banks are phasing out magnetic stripe cards in favor of these more secure, authenticated ways to pay. But what exactly is the problem with magnetic stripe cards? And why are chip cards better? Well, a number of reasons.
First off, magnetic-stripe cards are pretty outdated — they’ve been around since the ’60s and use the same technology as cassette tapes. And surprisingly, the United States is one of the last countries to still have them around. EMV has been the standard in most parts of the world for over a decade (you may have noticed that chip cards are the norm when you travel to places like Europe, for example).
So what exactly helps chip cards fight fraud? Three key features:
Chip Card Security Features
1. EMV is designed to prevent fraud
EMV cards are primarily designed to prevent fraudulent transactions that take place when someone physically swipes a counterfeit card at a payment terminal. And chip card technology works. In countries that have adopted EMV as the standard, certain types of credit card fraud have dramatically declined.
2. Chip cards are really hard to clone
Magnetic-stripe cards are, well, magnetized. When you swipe them, the payment processor reads their magnetic fields and matches them to your bank account information. The problem with this is that the data is static, making it easier for fraudsters to lift your information and clone it onto a new card. In fact, there’s something called a skimmer — which they can get or make for as little as $20 — that can do this pretty easily.
On the other hand, the data on chip cards is constantly changing, making it extremely hard to isolate and extract. To rip it off, someone would have to get into the physical chip circuit and manipulate things to get your bank information. Not only is this level of data surgery really difficult, but it also requires a set of high-tech equipment that can cost north of $1 million. That’s not the kind of cash your average fraudster has handy.
Accept chip cards and Apple Pay everywhere.
Order the Square contactless and chip reader.Order your reader now
3. Chip and Pin credit cards have sophisticated encryption.
Magnetic-stripe cards broadcast bank information into the payment terminal as-is. Square Reader and Stand keep this information safe by encrypting it as soon as it’s received. Chip cards are different in that they have sophisticated encryption built right into the chip. When you dip a chip card (it’s a dip instead of a swipe), it talks back and forth with the payment terminal in a secret language to make sure it’s actually you who’s paying.
The long and short of it? EMV and NFC are both much better ways to pay than magnetic stripe cards. And as a small business, you’ll be able to accept both. You can order the Square contactless and chip reader today.
Chip Card Security Risks
US EMV credit cards are definitely an upgrade over their magstripe counterparts. But that doesn’t mean you can let your guard down. The US chip-enabled credit cards use a strategy called “Chip and signature,” meaning you don’t need to put in a pin code to finish a transaction.
But in Europe, that process that is now the standard and offers more security.
In the US, EMV debit cards will typically use PINs, but not all banks have rolled the new cards out yet, since they prefer to focus on pushing the new chip-enabled credit cards first.
Another potential security risk? If a local store doesn’t have a point of sale that’s chip enabled (meaning there’s no slot for you to “dip” your credit card), then you need to use the magnetic stripe on the back of the card and the chip isn’t activated. That means no extra security from the chip.
Luckily all those risks can be avoided by adding your debit and credit cards to your phone. Mobile payments don’t actually store the credit card number of the device. Instead they use something called “tokenization” to send temporary numbers the point of sale can use for that specific transaction. Then the number changes, and can’t be used again. Plus with newer smart phones, Apple and Android pay use biometrics (fingerprints) to make it even more secure.
Soon, you’ll want to set up your business to accept both NFC (contactless) payments and EMV payments.
Overall credit card security is still something to watch out for in 2016. But with new technologies like the chip and pin credit cards and Apple Pay, the trend is definitely looking up.
What is NFC?
What is EMV?
EMV vs. NFC — What’s the Difference?
What Business Owners Need to Know About PCI Compliance