Visa and MasterCard are urging speedier adoption of microchip technology into credit and debit cards in the US on lines of Europe, in the wake of recent high-profile data breaches.
Canada, Mexico and most of Western Europe is already using the microchip technology, which is said to be somewhat safer than the current black magnetic strip technology on the backs of credit cards.
Card processing companies claim that the chip technology, though not foolproof, will eliminate most of the credit card fraud in the US as it has an additional barrier, as compared to magnetic strips that are prone to easy replication by hackers.
Proponents of chip card technology vouch for its safety as unlike magnetic strip cards that transfer a credit card number when they are swiped at a point-of-sale terminal, chip cards use a one-time code that moves between the chip and the retailer’s register. This code, they say, is useless to anyone even if hacked.
The chip technology has not been adopted in the US on a large scale due to cost factors and disputes over network ownership.
Retailers are not willing to invest in new cash registers and back office systems to handle the new cards, and are also in frequent dispute with card issuers over access rights and choice between a signature-based system or personal identification number system.
But a string of high-profile data breaches in the past, including Target and Neiman Marcus last year, has led to a change in stance for retailers. Recently, there were reports of hackers stealing consumer data from eBay’s computer systems.
Target is accelerating its $100m plan to roll out chip-based credit card technology in its nearly 1,800 stores, and announced partnership with MasterCard to issue branded Target payment cards equipped with chip technology early in 2015.
Though the jury is still out on the ‘supposedly’ better protection offered by chip technology, its opponents argue that chips don’t prevent fraud in online transactions, where consumers often enter credit card numbers into online forms. Other technologies, such as point-to-point encryption, have been suggested as better long-term solutions.
Ken Stasiak, founder and CEO of SecureState, a Cleveland-based information security firm that investigates data breaches, said, "Chip and pin is just another security component. What matters is how companies like Target use consumer information, how they protect it."
But the credit card companies like Visa and MasterCard also have a stake in the whole process as if data breaches continue to occur with increasing frequency, it will drive away consumers who will look for safer options to make payments.
As per a new liability shift set to occur in October 2015, the costs resulting from the theft of debit and credit card numbers will largely fall to the party involved with the least advanced and most vulnerable technology.
So in case, if a card issuer or bank has upgraded to chip technology, but the retailer involved hasn’t, the retailer will be liable for the costs.