It’s becoming a familiar sight – seeing a sparkly-new point-of-sale terminal at your favorite local store with a “chip” card reader ….. that doesn’t yet work. At least one grocery store in my area even has whimsical little signs indicating that the “potato chip” reader or the “chocolate chip” reader isn’t functional. The EMV system (referring to Europay-MasterCard-Visa) is making its way slowly to brick-and-mortar retailers and to the pockets of consumers around the US, but has hit many delays.
In most cases, a not-fully-operational card reader doesn’t indicate foot-dragging or negligence on the part of the merchant — having card readers already shows major financial investment in the implementation. A change that was ushered in on Oct. 1, 2015, the process continues to be stymied by delays in EMV implementation between retailers and their payment services providers. Many banks have also been slow to issue new cards to clients. The shift to “smart” cards also means a shift in liability to retailers from card-issuing banks, a potential problem for any retailer not accepting chip cards or banks that haven’t issued them.
“We are in the new environment,” said Bill Boeck, senior vice president and insurance claims counsel with Lockton’s cyber risk practice. There are some exceptions – gas stations, for example, have until 2017 to complete the process. However, there are concerns about the new chip cards primarily being used in the US, which are of the “chip and signature” variety – a POS terminal reads the data from the chip and the customer signs. EMV has been in use for many years in Europe and has shown a reduction in fraud, but the system across the pond uses chip-and-PIN cards, which is generally considered to be more secure. EMV, however, by PIN or by signature, won’t eliminate all data breaches.
“I don’t think we’re going to see a dramatic change in the way breach events happen, at least in the short-term,” said Boeck.
Read the full story
This story in an excerpt of the original. The content originally appeared in Cyber Front Page News. To read the whole story, you must be a subscriber. Subscribe now. If you are a subscriber, check your email for Cyber Front Page News on March 31.