New Chip-Reading Card Readers May Be Flawed

With much arguing with the retail and entertainment industry, EMV is rolling out in the United States. This is a newer technology that helps the credit card industry fight against card counterfeiters. EMV is an acronym for Europay MasterCard and Visa first introduced in Europe, and now at the urging of issuing banks and MasterCard and Visa, coming to a retailer or entertainment venue nearby.

Chip Visa Card

New Chip-Reading Card Readers May Be Flawed

Make no mistake, this is not a fool-proof technology as researchers at NCR, a payment technology company showed, there is a workaround for the new chip card technology that can be used by criminals and hackers. The idea behind the chip is that it cannot be counterfeit and generates a one-time use code for a transaction. So, the theory is that these cards are safer for consumers to use than the old swipe and sign credit cards.

But, once the hackers get the personal financial and other information, they make a new counterfeit card with the information in the magnetic strip that tells consumers to use the chip reader disabled. Julie Conroy, research director for retail banking at Aite Group, a financial industry research company said about the new cards:

“These new and improved cards are being deployed to improve payment security, making it more difficult for fraudsters to successfully counterfeit cards. It is an important step forward.”

But, the NCR research team disputes this claim. According to the researchers, even though retailers and other sellers of goods and services have spent nearly $250 billion on upgraded card terminals, they are still able to be hacked. Why? Because the majority of retailers do not encrypt customer data when it is being transmitted to a retailer’s merchant services provider. This leaves personal identifying information and personal financial information vulnerable to hackers for the length of the transmission – a few seconds to about a minute.

Because issuers of credit cards have as their primary concern, prevention of counterfeiting, this research may require that companies accepting credit cards at their place of business may have to undergo another round of upgrades. However, many, such as Wal-Mart may revolt.

Mike Cook, Wal-Mart’s assistant treasurer, and a senior vice president have gone on record as believing that the entire upgrade to EMV was unneeded. It is his belief, that the best solution, when the updates were made was to follow the lead of Great Britain and make chip readers able to process both the chip and a Personal Identifying Number (PIN). When the UK implemented the chip-PIN technology they saw dramatic reductions in both counterfeiting and criminal misuse of lost and/or stolen cards. In the US, the only concern of the banks was to hamper counterfeiters, so the PIN was not included.

Newer Technology Rushing Ahead

But according to Cook, the Chip-only technology is already outdated. New technology such as ApplePay, SamsungPay and AndroidPay are far more secure, for now, than chip-enhanced credit cards. These systems generate unique one-time codes, just as the chip does, but there is no delay in transmission and your actual account number is never used.

It is a given, that businesses who have a Managed IT Service Provider (MSP) should seek the advice of their vendor to ensure the safety of important consumer personal and financial information. One reason, other than public relations and the cost of fixing hijacked records (about $350 per file) is the increasing use of fines by federal agencies for data breaches.

Networks of Florida is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (850) 434_-8600 or 1 (800) 368_-2315 or send us an email at info@nof.com for more information.