Credit-card companies and merchants seem to agree that changing the predominant card system in the United States from one that relies on magnetic strips to ones protected by digital chips is the right move, although merchants are balking at the costs of doing so.
Large data breaches at Target and other retailers, and most recently at eBay, have shown a spotlight on the vulnerability of credit cards. Target soon will have its own chip-based company credit card available. Major credit card companies likely will offer the same by the end of 2015.
Digital chips use one-time codes for each transaction that travel only from the card to the cash register. Magnetic strips transfer entire credit card numbers and are much more vulnerable.
It’s important, however, to understand the limits of technology. A chip system, similar to ones already in use in much of the world, would indeed cut down on some types of fraud. However, the new system won’t erase fraud, and it might not have prevented the troubles at eBay. That’s because chips are useless for online transactions, where consumers type credit card numbers on online forms.
For that matter, cards with chips might not have prevented the problems at Target. Thieves who find their way into databanks of customer information could cause trouble regardless of the system used at the cash register. The CEO of SecureState, a security firm specializing in such things, told the San Jose Mercury News that Target’s data was vulnerable independent of the types of cards used.
Even with the recent high-profile thefts, experts say fraud remains a small enough problem that many merchants are content to absorb the risks, which amount to a combined $1.1 billion per year that might be prevented with chip cards, according to a recent Washington Post report.
But the cost of fraud in terms of public relations may be taking its toll and pushing changes. With so much of the retail world relying on credit, confidence is a prime factor, and cards with chips will provide a measure of that confidence and would, in fact, make point-of-sale fraud less likely.
Credit card companies will begin late next year to make merchants liable for money consumers lose through credit card thefts. That should provide further incentive for those merchants to purchase the expensive new equipment needed to process cards that contain chips.
For consumers, however, little should change. They should continue to handle credit card transactions, whether in stores or online, with care. Passwords should be changed frequently. And, despite those precautions, people should be aware that theft still might happen.
Cards with chips still contain private data that can be collected by retailers. Once out of a user’s hands, that data’s security is the responsibility of the merchant. Unfortunately, no one has yet invented a way to make modern shopping completely secure.