Achieving Results, Exceeding Expectations

Banking Law

No More Swiping: Credit Cards 2.0

credit card readerIf you’ve traveled to Europe, you may be aware that European credit and debit cards are more technologically advanced than many American credit cards, even cards issued from the very same financial institution. In fact, certain American cards have not always worked in various places in Europe, like the Italian railway automatic ticket kiosks and some ATMs.

That’s about to change, and there may be some growing pains here in the states.

In the past, American credit and debit cards were “swiped” on the magnetic stripe in the back. But in Europe, the “Chip and PIN” technology is the norm. This is also referred to as EMV (which stands for Europay, MasterCard and Visa).

Chip and PIN/EMV was designed to deter fraud. That magnetic stripe on the back of old school credit and debit cards contains unique information about the cardholder. If an unscrupulous person could capture or copy that stripe electronically, they could make fraudulent charges. Indeed, the cases of credit card hacking and fraud have grown exponentially in the past, with Target one of the larger corporate victims.

Chip and PIN technology changes the way that cards function. No longer will the new cards need to be swiped, but instead the card is placed on a reader and scanned. The chip embedded in the card, however, constantly changes so that the data produced from one transaction creates a one-time unique set of data. “Copying” the chip does not benefit the unscrupulous, because the data is essentially “used”.

Not all American institutions have the ability to scan the new cards that are replacing the old ones. (Tim Horton’s didn’t take our new card this week.) This discrepancy between card technology and retailer’s technology actually creates a liability gap of sorts.

Under the old system, consumers were protected beyond a small limit (often $50 or $100) if their card was used fraudulently. Now, American Express, Visa and Master Card are transferring liability to merchants, stating that they are liable for fraudulent activity if they don’t possess the correct Chip and PIN readers. This liability change took effect on October 1st. It is unclear if cardholders who have older cards, but who patronize a merchant that has updated their cardreading software, have a greater liability exposure.

The shift to Chip and PIN is not complete. Many of the cards that have been distributed still have a magnetic strip in order to give merchants time to catch up. This may help ease the transition, but it also delays the fraud-deterrent capacity of the new technology.