Chip-enabled Credit Cards Not the Answer to Security Vulnerabilities

Chip-enabled Credit Cards Not the Answer to Security Vulnerabilities

Set by credit card companies, the deadline is October 2015. At this time, U.S. consumers will be required to carry a new type of credit card if they plan on using it at retailers across the nation that will have upgraded payment terminals to accommodate the cards. This change costs $8.65 billion, while only addressing a narrow range of security issues.

These new credit cards will be chip-enabled, which means they will come with embedded computer chips, making them harder to counterfeit; however, credit card counterfeiting is only about 37% of all credit card fraud combined. The embedded computer chips will still be vulnerable to hacking and to the same cyber attacks that current swipe-card systems already deal with.

PINs will no longer be issued, requiring just a signature to complete a transaction. PINs work as an additional layer of security that helps make lost or stolen cards useless when attempting to make in-person purchases at retail stores. But, cost and complexity are reasons for not issuing these secret numbers. It would require a larger investment from credit card companies, and PIN management systems require additional customer support.

Chip technology has been used in Europe for about two decades in addition to requiring PINs, but even with these security layers, data is still unprotected at three key points:

  • Entering the terminal;
  • Transmission through a processor; and
  • Storage on the retailer’s systems.

While security experts argue that it would make more sense for the United States to use point-to-point encryption, which scrambles data to make it unreadable from the instant the transaction starts, higher cost and limited track record as proof of success stands in the way.

About the Author

Ginger Hill is Group Social Media Manager.

  • Ahead of Current Events Ahead of Current Events

    In this episode, Ralph C. Jensen chats with Dana Barnes, president of global government at Dataminr. We talk about the evolution of Dataminr and how data software benefits business and personnel alike. The Dataminr mission is to keep subscribers up-to-date on worldwide events in case of employee travel. Barnes recites Dataminr history and how their platform works. With so much emphasis on cybersecurity, Barnes goes into detail about his cybersecurity background and the measures Dataminr takes to ensure safe and secure implementation.

Digital Edition

  • Environmental Protection
  • Occupational Health & Safety
  • Spaces4Learning
  • Campus Security & Life Safety