Credit cards are nothing new in the United States or elsewhere in the world (there’s even a format to the numbers!), but this year, a big change is coming to the plastic payment form that will make its transactions more secure.
Curiously, the USA is behind Europe and other countries that have already adopted the new credit card standard. Before you start seeing new terminals deployed in stores and get a weird new card sent to your house, let us explain what’s changing.
What’s Wrong with my Current Card?
As they are now, US credit cards have a magnetic strip that contains all the info about them, such as expiration date and card number. When you swipe one at a retailer, all that info is transferred to them so they can authenticate your purchase. When you shop online, you obviously can’t physically swipe your card, so you enter the card number, expiry date, and the secure code so you can be charged correctly.
This is all well and good, but insecure. In December of 2013, retailer Target suffered a massive breach that included some 40 million credit cards’ information leaked. Anyone that had swiped their card at Target transferred their information to the company’s database, and when the hackers broke in they had all they needed to start fraudulently using the cards wherever they wanted.
The bottom line: currently, the magnetic stripe on your credit card allows its static information to be duplicated. If someone gets a hold of all your card’s information, it’s essentially as good as having the card itself.
What do the New Cards Do?
Enter the new standard: EMV cards. Standing for Europay, MasterCard, and Visa (Discover and American Express are also on board), these new cards include a small chip that works with new payment terminals. Instead of swiping your card to pay, EMV cards require you to place them in a new slot, which is called “dipping.” Touchless payment is also possible with these cards, similar to Apple Pay and Google Wallet with your smartphone, but to simplify the rollout this won’t be supported at first in the USA.
You leave the card in the reader during the entire transaction, and it creates a unique ID for that sale instead of handing over the unchanging info of your card. Even if a thief were to steal this transaction information, it would be basically useless to them because they can’t use it to charge the card elsewhere.
How Will This Affect Me?
This new technology will affect both debit and credit cards. Most reputable providers already have a no-liability policy which guarantees that you as the user aren’t responsible for charges placed by a swindler, but the EMV standard changes the rules a bit.
October 1, 2015 is the deadline for businesses to start accepting the new chip cards and for providers to give them out to their customers. If a business chooses not to upgrade to the new readers and your credit card information is stolen at that store, for example, the business is responsible, not the card company. You won’t experience any changes in liability from the migration, but payment will be a little different.
New readers have a slot to accept EMV cards like the picture above. To make the movement more fluid, the first wave of chip cards will still have a magnetic stripe than can be used just like before. However, if you have a chip card and try to swipe it like you did in the past, it won’t accept this; you’ll need to “dip” it. The magnetic stripe is only included to allow you to interact with legacy readers that haven’t upgraded yet, where it will function in the same way it used to.
The authentication standard will be a bit different in the US than it is elsewhere. Chip and PIN, used abroad, is a method that requires a PIN at payment time for each different credit card. To avoid forcing people to remember yet another password for their credit cards, the US will be starting with the Chip and Signature method, more reminiscent of the current method. This less-secure protocol simply uses your signature to authenticate purchases, which isn’t great because many retailers don’t even bother to check if the signature on the card matches the one you give them.
Will It Help Much?
Though this new standard will help prevent credit card fraud, it isn’t perfect. The physical cards will still have expiration dates, numbers, and security codes on their backs, so online credit card fraud won’t be defeated. A thief could also forge your signature with your physical card to make unauthorized purchases, or find an old terminal that haven’t adopted the new standard. However, when it comes to finances any bit of protection is a step in the right direction, so these cards will definitely help somewhat.
What do I Need to Do?
Realize that there won’t be a country-wide change on October 1. Card-issuing companies are trying to get EMV cards to customers before that date so that they aren’t liable after the deadline hits. You’ll likely receive an email, letter, or notice on your bank or credit card company’s website about the new standard, and how they plan to roll it out. Most will probably go by current card expiration date, so it may be a bit before you see your shiny new card arrive.
If you’re interested in getting a new card right away, contact your company by phone, email, or even Twitter and ask what can be done. Keeping on top of your finances is essential, as we’ve been writing about recently, and these cards are just one more way to protect yourself.
Chip cards won’t be a revolutionary change, but they are an important one. Now you know all about them and what to expect as they begin appearing in the wild.
Interested in more about card payments? Check out five PayPal alternatives to consider, as well as Android tools that allow you to accept credit cards on-the-go (and what this means for the EMV standard!)
What do you think about the new EMV cards? Will you be adopting a chip card soon, or waiting for one to come to you? Comment below and let us know!