EMV Chip Adoption Will Push Scammers Into Other Types of Credit Fraud

NEWS ANALYSIS: Chip and PIN credit cards using the EMV chip will bolster point of sale security, but other types of online fraud will likely become more prevalent. Here's what to look for.

With all of the discussion about credit card fraud, and how cards with EMV chips might have prevented much of the Target credit card breach, it's easy to assume that those chips solve all credit card fraud. But they aren't a panacea. In fact, more secure credit cards could mean an increase in other types of credit fraud.

Experience in Canada, the U.K. and Europe has shown that once EMV-equipped cards that require PINs are widespread in an area, certain types of credit card fraud drop dramatically.

Everything depends on who is holding the card when a transaction is attempted.

In situations where the credit card is physically present, such as when you're using the actual card in a transaction where there's a card reader, then the chip and PIN system virtually eliminates the use of lost, stolen or counterfeit credit cards.

Because of the way the embedded microprocessor in the credit card works, creating a fake card is impossible. And using a lost or stolen card means you have to also know the PIN.

But there's a rapidly growing segment of commerce in which the card is never presented to the merchant, including when you're buying something online. You've probably noticed that you have to enter your credit card information into a form when you're buying something from Amazon, for example.

When the card isn't physically available to an online merchant such as Amazon, it's impossible to use the chip and PIN method of verification. This is the area where credit card fraud has surged, because thieves want a place to use stolen numbers once the ability to use then in stores dries up.

To validate the use of a credit card for e-commerce, you will need to verify a card number, the expiration date, and something called a credit card verification number (CCV), which will either be those three numbers on the back of your card, or the four numbers printed on the front of an American Express card. Those numbers aren't supposed to be available on the cards mag stripe, but rather are verified when the card is approved with the credit card issuer.

"I'm not convinced that the CCV works," said Tim Russo, fraud team leader for the Chicago office of Cleverbridge, an e-commerce provider and processor for online merchants. Russo said that some earlier versions of the CCV are captured on the mag stripe of some credit cards.

Wayne Rash

Wayne Rash

Wayne Rash is a freelance writer and editor with a 35 year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He covers Washington and...