Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security The Almighty Buck

EMV Technology In Credit and Debit Cards Reducing Counterfeit Fraud, Says Visa (usatoday.com) 225

Posted by msmash from the to-a-brighter-future dept.
An anonymous reader cites an article on USA Today: The new chip-enabled cards flowing into the U.S. marketplace have already made a dent in fraud, with some of the biggest merchants seeing a dip of more than 18% in counterfeit transactions, according to Visa. Among the 25 merchants who were suffering the most instances of counterfeit fraud at the end of 2014, five that began processing credit and debit cards equipped with the new EMV technology saw those infractions fall 18.3% as of the final quarter of 2015, says Stephanie Ericksen, vice president of risk products at Visa. Meanwhile, five of those merchants who were not yet equipped to handle chip-enabled cards saw an increase in fraudulent transactions of 11.4%. "We're seeing EMV is having a positive impact on counterfeit fraud," Ericksen says. "Merchants who implement chip, their counterfeit fraud is going down, while those still finalizing plans, their counterfeit fraud is going up."Also from the report, "Visa on Tuesday also announced a software upgrade that will shave the amount of time spent on chip card transactions. With 'Quick Chip,' consumers can dip their chip cards into the terminal and withdraw it in two seconds or less, instead of waiting until their purchase is authorized. The consumer can 'put the card in the terminal and put it right back in your wallet and . . . move to get their coffee, or hamburger or start bagging their groceries,' Ericksen says. Ars Technica has more details.
This discussion has been archived. No new comments can be posted.

EMV Technology In Credit and Debit Cards Reducing Counterfeit Fraud, Says Visa More

EMV Technology In Credit and Debit Cards Reducing Counterfeit Fraud, Says Visa

Comments Filter:
  • With the potential speedup. I intentionally avoid/bring cash to places that have the chip slot enabled because it typically takes 5 times as long to process the transaction.

  • Now how about more of you merchants finally move forward with contactless payments?

    • Re: (Score:2)

      by Etcetera ( 14711 )

      Now how about more of you merchants finally move forward with contactless payments?

      That involves RFID and/or NFC, right? How does "add wireless stuff to it" make any system at all more secure over an overt and obvious physical interaction?

      • Re: (Score:2)

        by Mousit ( 646085 )

        That involves RFID and/or NFC, right? How does "add wireless stuff to it" make any system at all more secure over an overt and obvious physical interaction?

        Apple Pay and Android Pay both implement tokenization [wikipedia.org] for their contactless systems, which is significantly more secure than non-tokenized transactions, physical interaction or not. The massive Target hack, for example? Wouldn't have worked on tokenized transactions.

        Tokenization is part of the EMV Payment Specifications [emvco.com] so it could be implemented in physical chip transactions as well. Might have been, I'm not sure off-hand. But Apple Pay in particular got a lot of press for being the first implementat

    • Now how about more of you merchants finally move forward with contactless payments?

      Most of the new EMV-capable terminals also have the near-field chip. You and the merchant will often be equally surprised to find that your smartphone payment system will work on such terminals.

  • Welcome to the World (Score:3)

    by Ashe Tyrael ( 697937 ) on Wednesday April 20, 2016 @05:18PM (#51951817)

    Most of the rest of the world has had EMV for about 10 years, often wondered why it never caught on sooner over there.

    • but it's not what EMV does, instead it is a slower 60 second process of sticking the whole damn card into a slot and waiting for an authorization. meanwhile, I take cc card with chip and tap it on reader to board electric train and get charged, elapsed time 1.5 seconds. WTF you payment processors?

      • instead it is a slower 60 second process of sticking the whole damn card into a slot and waiting for an authorization.

        Did you mean 6 seconds? Because I've never had the process take more than that. True, it's not as fast as swiping a mag stripe or tapping on a reader, but if you had a transaction take 60 seconds, there was something seriously wrong with that payment terminal.

      • I used a chip card today, in the US (Walgreens to be precise). The authorisation took maybe 4 seconds. No longer than swiping it would have taken.

        Having said that I do like using contactless when outside the US (Australia, Canada, Europe...) as it's even faster!

    • Re:Welcome to the World (Score:5, Insightful)

      by Fnord666 ( 889225 ) on Wednesday April 20, 2016 @05:38PM (#51951985) Journal

      Most of the rest of the world has had EMV for about 10 years, often wondered why it never caught on sooner over there.

      Because none of the parties involved in the transactions were losing enough to fraudulent transactions to justify the expense of implementing EMV across the ecosystem. It took a shift in the liability mandated by Visa and MasterCard to drive any real change.

    • Inertia (Score:5, Insightful)

      by Solandri ( 704621 ) on Wednesday April 20, 2016 @05:55PM (#51952057)
      The country where something is developed first is saddled with a large installed base of the older tech. Countries which hop on the bandwagon later benefit from the experience of that trailblazer, and get the better tech right off the bat. Other examples include:
      • African countries lead the world in ratio of cellular vs landline phones - they just skipped landlines almost entirely.
      • Digital cell phones came to the U.S. last because the U.S. was first with analog cell phones - not only did U.S. companies have to build a digital cellular network, they had to transition all their analog customers to digital and dismantle the old analog network.
      • Japan initially led the world in HDTV technology. The government pumped billions of dollars into R&D to insure the HDTV standard would be the Japanese standard. But their tech was based on analog broadcasts. In the mid-1990s, computer technology became advanced enough to allow real-time digital decompression of a HD-resolution video signal, and the U.S. leapfrogged Japan and set all the digital HDTV standards we use today.

      • Re HDTV though, the US didn't really set any true 'standards', assuming you mean global standards. As is typical, they did their own thing (ATSC) while the rest of the world did something else (DVB-T).

      • Re: (Score:3)

        by dave420 ( 699308 )

        Analogue cell phones were first deployed in Japan, and then in the Nordic countries. Clearly your argument is nonsense. I'm sure it's a great weight off your mind to hand-waive the US's technological short-comings away by simply shrugging, mumbling "frist!", but it has no foundation in reality.

      • Comment removed based on user account deletion

      • Re: (Score:2)

        by mjwx ( 966435 )

        The country where something is developed first is saddled with a large installed base of the older tech. Countries which hop on the bandwagon later benefit from the experience of that trailblazer, and get the better tech right off the bat. Other examples include:

        • African countries lead the world in ratio of cellular vs landline phones - they just skipped landlines almost entirely.

        Erm... this is mainly because when they tried to lay copper, it was being dug up to be sold as scrap metal.

        Fibre optic cable between mobile towers isn't valuable enough to be worth digging up.

      • One of the first countries to roll out EMV was the UK, where there were plenty of magstripe cards.

        Try again. I'll give you a hint. The real reason is that in the USA Visa is an ordinary company, whereas in the rest of the world it was owned by the banks. In one setup there is incentive to fix things. In the other, not so much.

      • Re: (Score:2)

        by AmiMoJo ( 196126 )

        Not really... Japan decided not to get on the digital broadcasting bandwagon too early, because the licence funded broadcaster NHK didn't think the image quality was good enough with MPEG-2. Instead they went straight to H.264 for both SD and HD, starting to 2003. They also resisted the temptation to have 100 terrestrial channels, all of that total crap with low bitrate images, and instead opted for a smaller number of full HD channels and accompanying "1seg" mobile versions (most cars and many phones can d

  • 18% less fraud.... (Score:4, Funny)

    by ganjadude ( 952775 ) on Wednesday April 20, 2016 @05:20PM (#51951839) Homepage
    what does that translate into reduced fees for us????

    oh wait....
    • What fees are you paying on your credit card? Outside of foreign transactions fees, I've NEVER paid for a credit card in any way.

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        Please share with us your list of merchants who are not passing the transaction fees on to the consumer.

        Still, some are certainly paying more because of their credit card habits.

  • More room for improvement (Score:3)

    by twotacocombo ( 1529393 ) on Wednesday April 20, 2016 @05:29PM (#51951921)
    In my experience, they could speed things up a lot if they'd start putting the chip slot on top. I'm 6'3", and can't see those stupid slots on most of the current local checkout terminals. I swipe my card by default, only to have the machine tell me to stick it in some hole I didn't even know was there because the thing is at waist level with the slot on the front of it. I have to bend over and search for the damn thing, and start over. If the slot was on top, I'd know it was there and would just do that from the get go. It also doesn't help that some of these same models of machines don't have the chip reader installed, but do have the slot that's filled with a plastic blank; It's anybody's guess at this point.

    • I'm astounded at how poorly engineered the entire system is. The slot is hard to find (especially for tall people) and it takes way too long. Wasn't this system in Europe for 10 years? Didn't they test it at all before rolling it out?

      • Doesn't sound like you've got the same kind of card units we have in Europe, here they're integrated handset-sized boxes which do all the card interactions and are either wireless or cabled into the POS. They can usually be picked up for use or are mounted high up, some do have swipe slots but I've no idea why as I've not had a card that could be swiped for over a decade.

      • Re: (Score:2)

        by dave420 ( 699308 )

        Yes, and apparently they don't find the same problems you do. Or maybe there is a good reason for them being the way they are, and you just haven't figured it out in the few seconds you've thought about it before condemning it?

  • Like so many transitions, they were underambitious and didn't go far enough in the first round. They should've gone straight to chip-and-pin, which Europe uses, and enhances security further.

    They worried that having PINs would confuse people, etc. etc. Boo hoo. If history shows anything, it's that providers way overestimate the cost of making these upgrades, and people get used to it and get dragged into the future quicker than you think, and there's no point delaying. Grandma needs to switch,

    • Re: (Score:2)

      by DogDude ( 805747 )
      The transitions have nothing to do with the customer. These transitions are a big expense and a big headache to merchants. We're still waiting until everything gets settled down before we even consider switching systems.

    • Re: (Score:2)

      by Mousit ( 646085 )

      They worried that having PINs would confuse people, etc. etc. Boo hoo.

      That was always a red herring and never an issue. Especially when you consider that debit card transactions (with PIN) are very common in the U.S. Arguably more common than credit cards, depending on the retailer. Or shit, just think of everyone with a smartphone; if they're not using a fingerprint, they're using a PIN every time they unlock their phone. Americans do not have issues with PINs. I mean, speaking of "Grandma needs to switch", yeah, my grandmother uses debit with PIN herself. She'd likely

      • That was always a red herring and never an issue. Especially when you consider that debit card transactions (with PIN) are very common in the U.S. Arguably more common than credit cards, depending on the retailer.

        No, it's not a red herring. People do not remember their PINs. I'm in a weird spot where I went from software development into the garden center business and I wrote our POS software that we've been running for about 4 years now. I also become a cashier on occasion. My POS software looks up the

        • But, experience from working a lane is that an awful lot of people will revert to credit instead of PIN debit... and some explain it as they don't know their PIN.

          Some may explain it that way, but the most common reason to want to use credit instead of debit is that they get rewards or cash back for using credit and nobody gets anything for using debit.

    • Do you know of any major US companies that offer chip and pin credit cards? I did some research and the only ones I saw were offered by credit unions.

  • WTF is EMV? (Score:5, Insightful)

    by Megane ( 129182 ) on Wednesday April 20, 2016 @05:43PM (#51952007)

    It would have been nice if TFS or TFA had explained what EMV [wikipedia.org] is. I only this past month got my first chip card (I'm in the U.S.) and had never seen the acronym before.

    And yes, it is annoying to have to leave the card in there for so long, not to mention the card slots that are placed where they are hard to see. Even more annoying is that before I got the chip, I basically was never asked to sign for amounts less than $50. Now I'm sometimes being asked to sign for smaller amounts. I don't mind the industry wanting more security, but maybe they could think about the user experience side of things a bit more?

    • Re:WTF is EMV? (Score:5, Informative)

      by Cimexus ( 1355033 ) on Wednesday April 20, 2016 @06:59PM (#51952379)

      Well unfortunately the US took the half-assed approach of moving to chip, but still requiring signature. Everywhere else it's chip + PIN. By the time you've typed the 4-6 digits of your PIN, the chip reading part of it is generally done and the whole transaction is generally quicker than the whole 'cashier hands you annoying piece of paper and a pen and you sign' rigmarole.

      Even better, most places outside the US these days have contactless payments available at most merchants. For smaller amounts ($100, $50, varies by country), tap your card on the reader and you're done. Takes literally 1 second.

      • I haven't seen anything faster or safer than Apple Pay, for example.

        • Comment removed based on user account deletion

        • Re: (Score:2)

          by Geeky ( 90998 )

          I assume you need to unlock? I'd say contactless cards would probably be quicker than unlocking a phone, even with fingerprints? That said, I believe you can do it with an Apple watch, and that's even quicker - I know someone who uses his on the London tube instead of an Oyster card - just taps his wrist on the reader, no need to even get anything out of a pocket

        • Apple Pay is much worse than the NFC payments the rest of the world uses.

          1) You need an iPhone. Apple's marketshare outside of English speaking countries isn't that high.

          2) You need batteries. NFC credit cards don't.

          3) An iPhone is physically much larger than a card.

          4) Apple Pay has to be initialised by putting in your card details, which makes it perfect for washing stolen CC#s. NFC cards are sent to you straight from the bank, so, there's no intermediate fraud-prone step.

      • Well unfortunately the US took the half-assed approach of moving to chip, but still requiring signature. Everywhere else it's chip + PIN. By the time you've typed the 4-6 digits of your PIN, the chip reading part of it is generally done and the whole transaction is generally quicker than the whole 'cashier hands you annoying piece of paper and a pen and you sign' rigmarole.

        Even better, most places outside the US these days have contactless payments available at most merchants. For smaller amounts ($100, $50, varies by country), tap your card on the reader and you're done. Takes literally 1 second.

        20 Euros typically.

        The problem is that there are portable card readers that scammers take into crowds (ie metro) and scan wallets and purses randomly, taking less than 20 euros each time - no authentication and unless the target is checking their statements carefully they never even notice.

        Problem two is where a vendor accidentally or deliberately double taps the card. (so never let it out of your sight).

        I've told my bank to remove this service because I prefer to take the few extra seconds to put in my pin

    • And yes, it is annoying to have to leave the card in there for so long, not to mention the card slots that are placed where they are hard to see.

      My bank's ATMs which use the chip look identical to the ones that don't, so I get to play a guessing game as to whether they want me to remove my card before I make my transaction...

      • Re: (Score:2)

        by cdrudge ( 68377 )

        My bank solved that problem. You have to insert then remove your card as you normally would, then wait for it to prompt you to reinsert your card where you leave it until your transaction(s) are done.

        This, combined with their chip not being accepted randomly for multiple retailers as a "credit" transaction, and their refusal to support Apple Pay or Android Pay because "it may just be a fad" really makes me want to find another credit union. But they are the largest in the area so I doubt other local CU wo

  • I'll have to look up how it works later but this is how it should work.

    The card should sign a token given by the terminal for a one time transaction.

    The token should then be used to finalize the transaction.

    This is completely acceptable. If the terminal is simply copying the private key then it's completely wrong.

  • Heh, if only it worked (Score:4, Interesting)

    by infinite9 ( 319274 ) on Wednesday April 20, 2016 @06:39PM (#51952293)

    I'm a US citizen living outside the US. Let me tell you that these chip cards are a nightmare for us. They work about 50% of the time, with no rhyme or reason as to when they'll work or why. Trying the card a second time sometimes works. Sometimes the machines ask for PIN codes when there isn't one, other times not. When this happens, I can enter any random number and the transaction goes through. A card will work at a particular gas station one day, then not the next, then works again the following day. The cards will usually work in one store, or almost never work in another store.

    Locals with the new machines have no idea what they're doing. Sometimes they swipe cards with no magnetic stripe. Sometimes they pull the card out before the transaction is done. Sometimes they argue with me telling me it's a debit card when it's a credit card.

    And in all cases, whenever the card doesn't work at a purchase, the error message is "declined".

    My chip Visa ATM cards work in almost no machines here, while the magnetic stripe cards did. Some give the wrong menu options on ATM machines, allowing "savings account" as the only option when I have only a checking account. Others work or don't at random. The error message is useless. Or sometimes I get different error messages depending on whether I select english or spanish at the ATM. In general, I have about a 1 in 5 chance of extracting some amount of money from a machine. When I call the customer support number on the back of the card, they swear up and down the card works just fine.

    I'm slowly removing myself from a reliance on banks and even money in general. These idiotic chip cards are only encouraging me to hasten my exit.

    I'm convinced this is about 10% pilot error at the point of sale, and 90% a technical problem on the bank servers in the US. The development was probably outsourced to the lowest bidding indian consulting firm.

    • Re:Heh, if only it worked (Score:5, Informative)

      by Cimexus ( 1355033 ) on Wednesday April 20, 2016 @07:01PM (#51952387)

      I would suggest getting a chip card from a local bank wherever you are. The technology works great in most places I've been (Canada, Europe and yes even the US), but then, my home bank is in Australia where chip + PIN has been established standard for well over 10 years. The US cards are kinda 'frankenstein' because they have the chip but generally no PIN (i.e. the US went with the weird hybrid approach of having a chip but still requiring signature).

      • The accounts are in the US. I need to draw the money from there. I don't have a bank account here on purpose because of FACTA.

        • Fair enough - FATCA is a bitch I agree (as someone who holds accounts in both the US and Australia I'm all too familiar with it...)

    • Re: (Score:2)

      by Dantu ( 840928 )
      Sounds like your bank has really messed up the deployment.
      We've got chip & pin here in Canada and my card works flawlessly both in Canada and in the USA. My card has a the raised lettering, magnetic stripe, a chip, and contact-less payment. I've actually used all 4 recently:
      1. Raised lettering - at a Mennonite farm (long story, normally would have brought cash)
      2. Magnetic stripe - in the USA last year
      3. Chip & Pin - everyday, larger transactions and places that don't have tap
      4. Tap & P

      • The issue is that for mysterious reasons US banks believe Americans are too dumb to remember their PINs. So American chip cards are unlike the cards used everywhere else in the world, they're "Chip and Signature" rather than "Chip and PIN". Not surprisingly, this unique mode of operation causes interop issues because it's never been tested at scale before.

    • I'm a US citizen living outside the US. Let me tell you that these chip cards are a nightmare for us. They work about 50% of the time, with no rhyme or reason as to when they'll work or why. Trying the card a second time sometimes works. Sometimes the machines ask for PIN codes when there isn't one, other times not. When this happens, I can enter any random number and the transaction goes through. A card will work at a particular gas station one day, then not the next, then works again the following day. The cards will usually work in one store, or almost never work in another store.

      Locals with the new machines have no idea what they're doing. Sometimes they swipe cards with no magnetic stripe. Sometimes they pull the card out before the transaction is done. Sometimes they argue with me telling me it's a debit card when it's a credit card.

      And in all cases, whenever the card doesn't work at a purchase, the error message is "declined".

      My chip Visa ATM cards work in almost no machines here, while the magnetic stripe cards did. Some give the wrong menu options on ATM machines, allowing "savings account" as the only option when I have only a checking account. Others work or don't at random. The error message is useless. Or sometimes I get different error messages depending on whether I select english or spanish at the ATM. In general, I have about a 1 in 5 chance of extracting some amount of money from a machine. When I call the customer support number on the back of the card, they swear up and down the card works just fine.

      I'm slowly removing myself from a reliance on banks and even money in general. These idiotic chip cards are only encouraging me to hasten my exit.

      I'm convinced this is about 10% pilot error at the point of sale, and 90% a technical problem on the bank servers in the US. The development was probably outsourced to the lowest bidding indian consulting firm.

      I've been living outside the US for almost 15 years and with various banks and cards I have never experienced any of the problems you're having.

  • They might be great in Europe but they're really badly done here in the US.

    The new terminals are just plain slow. Even without the chip, it often takes over a minute to approve the transaction, and (unlike before) you can't swipe the card and put it away until the checker has completed scanning all the items. More than once, I've just left a pile of bagged goods at the counter because the thing didn't work at all.

    So I have simply stopped shopping at places that require the chip. Amazon ships most non-foo

  • See https://www.lightbluetouchpape... [lightbluetouchpaper.org]

    It's actually worse now: for about $20 you can get a stick-on chip to make your own cracker-card.

    Chip-and-sign in the US is no more secure, but it has the brilliant advantage of allowing the victims to prove it wasn't their signature and recover from the banks.

  • In my USA experience, it's not the actual 4-6 seconds that my chip card transactions take,
    it is the sluggish and confusing UIs on the terminals that fail to immediately note the card is present,
    then appear to go blank, then display a poorly drawn "do not remove the card" splash,
    which was obviously an afterthought added when the terminals were put in front of actual users.

    The UI problems are obvious, as everywhere I go there are hand-drawn warnings and instructions taped to the terminals, because the de

Slashdot Top Deals

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Close