Supposed EMV security shortcomings may be all talk
Recent research from payment technology company NCR suggests hackers can override code on EMV chip cards to make them appear as regular magnetic stripe cards. Why is this a potential problem? Because it would mean EMV cardholders would be prompted to swipe instead of insert, leaving their cards vulnerable to counterfeit fraud.
In addition, fraudsters recently claimed they were able to manipulate dual-interface EMV cards, which offer cardholders the ability to insert, swipe or ‘tap and go.’ They said near field communication (NFC) amplifiers allowed them to read card information on dual-interface cards. With this technology, the fraudsters claim, cards would be at risk even when tucked safely in pockets and purses.
Card issuers, merchants and consumers should know there are security measures in place to address both of these supposed vulnerabilities.
First and foremost, the entire structure of EMV is centered on a dynamic cryptogram response system. When a cardholder inserts his or her card at the point of sale, the card is authenticated using unique transaction data from both the merchant and the card issuer. Any data a fraudster may capture during this transaction cannot be used to perform new transactions.
Additionally, the neural networks payment processors like TMG have in place provide an extra layer of protection against fraud. Among the tactics these systems employ is the validation of card verification values (CVVs). If a fraudster were to overwrite the magnetic stripe on an EMV chip card, the CVV from the transaction would not match up with the CVV in the processor’s system, causing the transaction to be declined.
Although EMV doubters may be quick to point out perceived flaws in the technology, there are proven benefits to it. Already, U.S. merchants with chip-enabled terminals have seen counterfeit card fraud drop by 18 percent. Other countries that have implemented EMV technology have seen similar results. England, France and Canada all saw card fraud drop exponentially after deploying EMV.
While no technology is completely infallible to fraud, the robust security measures card issuers and payment processors have in place help ensure EMV lives up to its promises. The continuous evolution of fraud prevention strategies further positions EMV as the top dog in the fight against fraud.
