New technology usually comes with its share of consumer concerns. It’s no surprise that urban legends and myths have proliferated about the new EMV chip credit cards. Here are a few of the most common, along with our expert opinion as to their veracity:
- PINs don’t matter.
Researchers from the University of Cambridge discovered that a fraudster with access to the right equipment could fool a merchant terminal into thinking that any PIN is valid. In the United States, merchants won’t be required to collect PINs. Overseas travelers will still have to comply with local customs, and that means setting up a PIN for your American credit card before traveling abroad.
- Thieves can scan EMV credit cards from a distance.
Late night infomercials hawk aluminum wallets and other gadgets that claim to block thieves from zapping your account details right from your purse or pocket. You don’t need those to protect your credit card information. Unlike other, stronger chips based on RFID technology, EMV chips in contactless credit cards work only in very short range from payment terminals.
Even if a thief managed to nab your card’s contents with a suitcase-sized mobile scanner, he or she would only have access to its raw codes, not your actual account details. Trying to use a copied code would result in a declined transaction and a fraud investigation from your card issuer.
- Skimmers can copy EMV card data from a compromised payment terminal.
True, but unlikely.
When New York police busted a 111-member identity theft ring, they learned that the crew got most of their compromised credit card numbers from skimmers at restaurants and retail stores. By passing account authorizations directly to payment gateways without storing credit card numbers, merchants reduce the risk of internal theft of customer data.
- EMV cards will make online shopping harder.
Merchants still determine their own risk tolerance for online and phone orders, but a series of payment platform initiatives can help retailers make remote transactions even more convenient. Some banks have experimented with online cardholder verification using free USB readers that verify an attached EMV card. Visa and MasterCard have launched their own online verification services, while Google and PayPal intend to woo merchants with highly secure online “wallet” services.
Ready or not, EMV is coming
Merchants reluctant to update their point-of-sale equipment to read EMV will soon face th