EMV-3

An Open Letter to Consumers About Chip Cards

Jason Oxman

Dear Consumers,

On behalf of the payments industry, we hear you. Some of you really don’t like these new chip cards – you think they are slow, you don’t like the loud noise the card readers make, and you may still get fraud alerts even after you’ve received your new chip card. On October 1, we will mark the one-year anniversary of the start of the chip card transition. So this is a good time to address your concerns with explanations, not excuses. And it’s important to understand why we’re doing this in the first place.

Why chip cards now?

The 1.2 billion cards we carry in our wallets haven’t changed much over the past 50 years. The magnetic stripes on our cards use the same technology as cassette tapes, making it easy for thieves to steal your account information. Remember how you could erase and re-record music on a cassette tape? Thieves can do the same thing with credit cards numbers on a magnetic stripe card using stolen numbers. As a result, counterfeit card fraud costs the U.S. roughly $3 billion a year. Those magnetic stripe cards need to go.

On October 1, 2015, “EMV” or “chip” cards became the new standard for card security in the United States. The chip is a tiny but powerful microprocessor that securely stores your information. The chip can’t be duplicated by criminals like a magnetic stripe card because it creates a unique security code sequence for each individual transaction.

We already know that the chip card transition is working to fight fraud. Counterfeit card fraud has dropped by hundreds of millions of dollars in the past 11 months, because we’ve already upgraded more than 50% of credit cards in the U.S. to new chip cards, and more than 30% of merchants have upgraded to chip readers in stores. There’s more work to do, but we’re making incredible progress.

Why are chip cards so slow?

Yes, chip transactions take longer. That’s because your chip card has a real computer chip in it, but it doesn’t have any power – no battery. So the card needs to get power from the payment terminal in order to do its job – generating a unique, one-time secure cryptogram that makes it impossible to counterfeit the card. That’s why you have to leave the card in the terminal while it processes the transaction. But there is good news — we are rolling out new terminal software upgrades to speed up the checkout time to two seconds or less.  So you’ll have less time for awkward small talk with the checkout clerk.

Why is the card machine yelling at me?

You’ve probably noticed that chip terminals have a new feature to remind you to remove your card when the transaction in complete. Why does it beep so loudly? Because we all have credit card muscle memory – we’re so used to swiping our cards and putting them away, many of us don’t remember to remove the chip card from the terminal. The loud beeps are a reminder for now, but they won’t be necessary when we all get used to the new system. And a little annoying beeping is better than realizing in the car 20 minutes later that you have to go back to the store to pull your card out of the terminal.

Why does my new chip card keep getting replaced?

So I got my new chip card in the mail, and a week later my bank sent me a fraud alert and I had to get another new card. I thought chip cards were safer? Well, the chip cards ARE safer – but many merchants still only accept magnetic stripe cards, which means thieves can still use counterfeit magnetic stripe cards in some places. And the new chip cards prevent counterfeiting, but they don’t stop the kind of data breaches at retailers that resulted in tens of millions of card numbers (including maybe yours) from being stolen. We’re working with our retail customers to deploy new tokenization and encryption technologies to stop data breaches, but sophisticated cybercriminals are still preying on weak defenses where they find them. The most important thing to know is that you have zero liability for any fraud – and as we continue the chip card migration, we know that card fraud will decrease and we’ll have to replace fewer cards.

Why do I never know whether to swipe or dip at the store?

It’s true that your new chip card still has a magnetic stripe on the back, and that some merchants still don’t accept chip cards. You may even have seen some terminals with the chip slot blocked with a piece of cardboard.  Awkward, right?  The migration to chip cards is not a mandate, so merchants have the choice of when to upgrade. Today, about 1.7 million merchants (30% of merchants in the U.S.) have upgraded to chip readers. Most of the nation’s largest retailers have already upgraded, which means that close to half of all credit card transactions in the U.S. are “chip on chip” transactions today.  But some upgrades are still in progress, and many merchants have installed the terminals but are still working with their software providers to complete the upgrade process.

Merchants do have an incentive to upgrade to chip readers, and those that haven’t yet upgraded will soon do so. Beginning October 1, 2015, merchants that do not support chip transactions assumed liability for fraud that results from compromised mag-stripe card transactions. Once they upgrade, merchants no longer have any such liability.

Your card and the terminal at the store are smart – they know for example, that if you swipe your chip card in a chip-enabled terminal, you should dip the chip instead, and the terminal will prompt you to do so. Whether you swipe or dip, you never have any liability for fraud, so even if your favorite merchant hasn’t yet upgraded to chip readers, you are still protected.

We expected the transition to take at least five years, which is the time it took European nations to get to 50% market penetration of chip transactions. But the pace of adoption here has been fast. In less than one year since the transition started, three-quarters of Americans already have at least one chip card.

What if I just don’t want to use these chip cards?

If you just don’t like the new chip cards, the solution could be in the palm of your hand – your mobile phone. Chip terminals can also accept mobile wallets using NFC, or “Near Field Communication” technology. NFC is a form of wireless communication that allows consumers to pay with their smart phones. Transactions can be as quick and seamless as a tap or wave of your phone.  Some merchants are deploying mobile payments solutions that display a barcode, such as Walmart Pay, that the checkout clerk can scan for you.

Mobile payment services like Android Pay, Apple Pay, and Samsung Pay enhanced security capabilities, including passcode protection and secure chip technology, as well as both device and cloud-based encryption and tokenization capabilities.

In closing, please understand that we hear you loud and clear. This is a big change, but we’re tackling the growing pains head on. Our goal – which we hope you share – is ensuring our payments systems are the safest, most reliable, and most secure in the world.

Jason Oxman is the CEO of the Electronic Transactions Association.

Categories
MOBILE+TECHTRENDS
Tagged
DIGITAL CURRENCYDISRUPTORSFINTECH

WEEKLY NEWSLETTER

Check out ETA’s weekly recap on innovations and policies shaping payments. Written by industry experts, get insights on payments like nowhere else. View weekly newsletter archives here.

Tags

Back to Top