That old-fashioned magnetic stripe on the back of the credit and debit cards in your wallet is about to exit stage left.
The size, scope and cost of the Target breach is forcing the U.S. retail and banking industries to grudgingly adopt a newer data security standard that has already been embraced by our friends across the pond for many years now.
Cards that store personal data on high-tech embedded smart chips, will still look and feel the same as the old cards. As consumers in dozens of countries have already discovered, so-called “smart cards” will deliver the same convenience but with greatly reduced vulnerability for point of sale transactions.
Credit cards with the embedded chips will also require the user to input a unique PIN number. This creates the sort of two-factor authentication that renders fraudulently cloned mag-stripe cards useless.
American retail and banking systems have already begun (with Target leading the way) to invest in safer smart card technology that will be ready to deploy by October 2015.
The Charlotte Observer reporting on a Bloomberg editorial had this to say:
“Consumers in about 80 countries now use the technology, which has been shown to significantly reduce fraud and identity theft, but it hasn’t caught on in the United States, where most cards still use antiquated magnetic-stripe technology. Switching to the new cards is a complicated process that requires cooperation between several parties – card issuers, banks and merchants – with conflicting priorities. Merchants don’t want to shell out for new smart-chip terminals, for instance, unless they’re sure that issuers will pay up to produce the cards.”
Smart cards, also known as EMV cards (Europay, Mastercard, Visa) have historically helped reduce data theft by as much as 60 to 80 percent. There are currently 1.5 billion credit cards in the U.S. that will need to be replaced.
The Smart Card Alliance says the U.S. is one of the last countries to migrate to EMV:
“Increasing counterfeit card fraud led the financial industry to move to smart chip technology for bank cards and to develop the global EMV specifications for bank cards based on chip card technology…. Financial institutions in the United States, Europe, Latin America, Asia/Pacific and Canada are issuing contact or dual-interface EMV smart cards for credit and debit payment or are migrating to EMV issuance.”
Critics argue that the new “chip and pin” technology will only affect retail transactions at POS (point -of-sale) terminals and will have little impact protecting so-called CNP (card not present) online transactions. The industry is actually preparing for an uptick in CNP fraud until additional safeguards are engineered.
Various combinations of vocal, facial and fingerprint recognition technologies should allow the industry to complicate fraudulent attempts to access private data in the future.
As the Target breach has taught us, even retailers with virtually endless security resources are still vulnerable to relentless and cutting edge attacks from the next generation of new age Bonnie and Clydes.
Dale Penn is a professional speaker, privacy advocate and commercial insurance broker. He is the author of the award-winning book, Identity Theft Secrets: Exposing The Tricks Of The Trade. Follow Dale on Twitter @DalePenn