SDN Blog

Bank cards with computer chips finally making way to U.S.

Posted on Monday, June 30, 2014 in Broadband Internet

Blog written by

Chip and Pin Credit Cards

The timetable seems uncertain yet, but chip-card technology finally is expanding to bank cards in the United States.

Smart cards that can help reduce fraud have been in used in other countries for years, but they will be new to most users in the United States.

So-called “chip and PIN” cards will carry sensitive information on a computer chip instead of a magnetic stripe. For added safety, customers might be able to provide their own personal identification number to complete transactions.

Referring to the new bank cards coming to U.S. users as “chip and PIN” might be premature and overly optimistic, however. Judging from multiple industry reports, “chip and signature” cards are likely to be the most common deployment of chip-card technology in the United States, at least initially.

Security experts says that chip-and-signature cards should help reduce counterfeiting problems, but they won’t offer protection for cards that are stolen or lost. Regardless, chip-and-signature cards should be an improvement over the magnetic-stripe cards.

SDN Communications, the host of this blog, won’t have a direct role in helping financial institutions, retailers or other businesses roll out new wave of bank card technology. However, as a premier regional provider of broadband connectivity and high-tech security services for business, SDN definitely is interested in how the conversion plays out. Many businesses and institutions that will be affected by the change are SDN clients.

Devil in the details

The conversion will create hassles and new expenses for banks and businesses involved in card payments. Put the blame for that where it belongs: on hackers and thieves who seek and exploit vulnerabilities in security systems.

EMV chip cards were developed by Europay, MasterCard and Visa, and were rolled out in a number of countries with fraud problems during the 2000s.

Card companies are encouraging merchants and banks in the United States to upgrade their payment equipment by October 2015. The main incentive appears to be the threat of liability. Merchants or card-issuing banks that don’t upgrade their equipment risk being assigned liability when future incidents of fraud occur.

Shawn Lyons, executive director of the South Dakota Retailers Association, says the implementation date for chip cards in the United States seems to lack certainty. The implementation timetable will depend on when card companies get process details wrapped up, he says.

“I think the technology is coming. The question ultimately is going to be who is going to pay for that technology?” he says. “The devil is in the details.”

Curtis Everson, president of the South Dakota Bankers Association, says a lot of the security burdens associated with card payments fall on retailers making sales and the care that they take.

“You can do a million things with technology, and you’ll never stop all of it (fraud) because there’s a human element involved,” he says.

Information about card-chip technology is available from a number of organizations and businesses, such as www.creditcards.com.

Security footnotes

Technology is constantly evolving. No one knows exactly where payment technology will settle.

Nexus Smart Pay, a Rapid City business affiliated with the South Dakota School of Mines & Technology, promotes what it calls the world’s first electronic, point-of-sale payment system that uses a biocryptic authentication. To make a purchase, a buyer places his or her fingertip in a sensor. That’s it. No card is needed.

The company also promotes the system as the world’s most secure payment system. It’s a fascinating process. Maybe it will catch on. The system is in use in a few Rapid City businesses, including a coffee shop. You can watch a promotional demonstration video below.

<iframe frameborder="0" height="276" src="//www.youtube.com/embed/Rtj1JBoECeg?rel=0" width="490"></iframe>

Bank cards that use radio-frequency identification technology, or RDIF, also were designed for convenience. But are raising security issues.

Cards with RDIF chips can be waved near an electronic sensor. The trouble is that, as consumer advocates have demonstrated, people equipped with mobile reading devices can steal credit card information without touching the victim or a card. Thieves just need to get close enough to the victim’s wallet or purse – within a couple of inches of a card, apparently - to read the information.

Users can protect information on RDIF cards by carrying cards in a protective sleeve or metal case, or by wrapping the cards in aluminum foil. Some users disable the RDIF chip by puncturing it and just use the magnetic-swipe option.

To see video examples of RDIF thievery, just check out these videos of electronic pickpocketing.