CREDIT CARD PROTECTION

Credit Card Protection

The next time when you pay with your credit card at check-out, think about this: It is a ritual the rest of the world deems outdated and hazardous. America could be the only developed country still clinging to credit and debit cards with those black magnetic stripes, the kind you swipe through retail terminals. The rest of the developed world has changed -or is in the process of changing- to "smart" chip-based cards.


The problem with that black magnetic stripe on the back of the credit card is that it's about as secure as writing your account information on a postcard: everything is in the clear and may be copied. Card fraud, and the actions taken to prevent it, costs U.S. merchants, banks and consumers billions each year.


The smart cards can't be replicated, which greatly cuts down on the potential for fraud. Smart cards with built-in chips are the equivalent of a safe: they can conceal details so it can only be unlocked using the right key. Since the important information is hidden, the cards can't be duplicated.


But the stripes have been so established within the vast U.S. payment system that banks, payment processors and retailers have failed to attain consensus on how to update it, leaving the U.S. behind the rest of the world. Are you really serious? Retailers, banks and payment processors could make a significant dent in the fraud industry? And they will not. Obviously, there must be monetary gain there for them, somewhere, somehow. Otherwise, they would switch - and fast!!! It is kind of like the petroleum industry - they will switch to an alternative source when they have control of alternative fuels!


There are now significant moves to swap conventional cards for smart cards in a few years. Recently, Visa announced new policies that should give U.S. banks a reason to issue smart cards and stores several reasons to accept them, starting in 2015.


Here's how a smart card works in practice: When it's time to settle the bill at “Billy Joe Bob’s Road Kill Restaurant”, a tiny restaurant just off Hwy 92A in Argentina (go ahead and find it - it is fictitious) the waiter brings to the table a wireless payment terminal. The customer inserts his chip-equipped "smart" credit card and enters his code on the keypad.


Voila! The bill is paid for without the card leaving the customer's sight, and the combination of chip and PIN code kept the transaction protected from fraud.



Research puts the amount of fraud based on stolen card numbers in the U.S. at $14 billion. Fraud based on new card accounts created using stolen identities adds billions more - the total cost of identity fraud in the country is $37 billion.


In an even more momentous shift, in 2015 Visa is shifting the liability for a certain kind of fraud from the banks to stores.


The specific case is this fact: If a customer presents a smart card in a store that can't accept it, then it will fall back to using the backup magnetic stripe on the card. If that transaction turns out to be fraudulent, the payment processor will be liable, and in practice, results in the store taking the loss. Today, the bank would be liable for the fraud. The modification means that banks will have an incentive to put chip-based cards in their customers' hands, since their fraud liability will be reduced once the cards are used.



For their part, stores should have a reason to install smart card terminals, because otherwise, their fraud costs could increase. The price tag on moving to chip-based cards is at about $8 billion, mostly for upgrading payment terminals in stores, research indicates.


The retail federation trade group calls Visa's move a necessary step, however, not a fully satisfactory one. One of the shortcomings is that it doesn't mandate the use of PIN codes with smart cards, so even if the cards cannot be replicated, they could still be used on a signature basis if stolen. Why don’t they mandate a PIN code? Does this seem sensible to anybody?