• (800) 846-4472
EMV cards

Magnetic Stripes No Longer the Standard

Brant Schelhass

Effective October 1, 2015, a major change occurred in the way financial liability is assigned for fraudulent card charges made at physical business and store locations. The major credit card networks initiated the so-called EMV liability shift—which essentially assigns financial liability for in-store fraud to the weakest party in the new system of EMV cards. Previously, credit card issuers were typically held accountable. The shift means that if businesses are not accepting EMV cards they face increased likelihood of being responsible for fraudulent charges made at their business. This change comes as consumers gain more access to these chip cards for use in their daily payments. Merchants that have yet to switch are at great risk of becoming liable for criminal activity. Moreover, these cards are more secure than their predecessors. And, they also process a bit differently than traditional magnetic stripe cards. For both businesses and consumers, knowing the difference between EMV cards and regular credit cards is vital.

Magnetic Stripes No Longer the Standard

To understand what makes an EMV card different, it's essential to understand how a regular credit card functions. Since the late 1960s, credit and debit cards followed a standard plastic format of card information cast in the front, with magnetic stripes and signatures on the back.1 The magnetic stripe contains the static information of the cardholder found on the front. When a clerk swipes the card through a reader, the information gets transmitted.

The primary flaw of the magnetic stripe became apparent in the late 1980s: the information within it was static, or unchanging.2 An enterprising criminal could steal card data from one magnetic stripe and make a counterfeit card whose stripe would contain the stolen card data. This made the fraudulent card as effective as the real thing. It also means fraudsters can essentially steal money from ATMs, buy items then return them for cash, and engage in other fraudulent activity—all as a result of having the data on that magnetic stripe. Moreover, the techniques to steal card data became more robust, such as skimming data from a hijacked ATM. Since most purchases require only a signature instead of a PIN for authentication, it compounds the problem.

A Safer Future with EMV Chips

The smart chip featured in EMV cards, found visibly on the left side of the card, was introduced in Europe and soon became the standard for secure card payments in the 1990s.3 Adoption in the U.S. has been much slower, in part because implementation occurred at the private level rather than through government intervention, as well as the widespread use of signature-based authentication. Still, the October 2015 liability shift was the first milestone of a two-year-long transition process in the U.S. The only terminals not covered under the October liability shift are pay-at-pump kiosks found at gas stations across the country. Due to the extra cost of transitioning, they have until October 1, 2017 to make the change.

What makes EMV cards distinct is how the chip interacts with the reader. Instead of swiping, a clerk or customer inserts the card into a slot that reads the chip.4 Some readers may even prompt for this action after an initial swipe. After requesting authentication, the person can then remove the card. Another method, first tested in the early 2000s, was to tap the card against a near-field communication reader, which would also read the information stored on the chip. It sends out a code that not only contains the static cardholder information, but also a unique transaction ID number.

The latter aspect is what makes using EMV not only distinct but more secure. Readers require both the cardholder info and a unique transaction ID. A card never issues the same transaction ID twice thanks to a counter on the chip, and readers won't accept a number more than once. Even if a criminal were to skim the data off the card, it would be impossible to make a transaction because there is no way to determine the next ID number.

In addition to this, EMV chips use cryptographic algorithms to store card data. This information can be difficult to translate, let alone emulate or breach. As a consequence, the cards are far more secure for consumers and retailers.

  1. http://www-03.ibm.com/ibm/history/exhibits/dpd50/dpd50_chronology4.html
  2. http://www.creditcards.com/credit-card-news/emv-faq-chip-cards-answers-1264.php
  3. http://www.bankinfosecurity.com/interviews/history-emv-i-933
  4. http://www.trendmicro.com/vinfo/us/security/news/security-technology/faq-emv-credit-cards

Get An eBook All-Access-Pass

  • eBook About POS
  • Grow Your Business Guide
  • Improve Your Business
  • 5 Steps Secure Your Business

Subscribe to our blog and get an all access pass to our past, present, and future eBooks for FREE.

At Your Fingertips

Download the POS Buyer’s Guide

It's a big job to buy the perfect POS System. This is a robust guide to get you equipped to ask all the right questions to potential providers.

Find a Local POS Provider

With this FREE service we can point you in the direction to providers who can meet your needs, and potentially exceed your expectations.

Take The Next Step

Get Mercury and discover how we continually earn the industry’s top spot in payment processing and excellent customer service.


 
 
Thank you for your interest in
Vantiv Integrated Payments.
We just need a little info to get started.