Credit cards with smart chips to enhance security are rolling out in a big way this month, but during the transition consumers should be wary.
Email scams allegedly from your bank or credit card issuer are showing up encouraging customers to provide personal information or click on a link to get your new chip-embedded card.
Don’t do it. Your card issuers will simply mail out new cards with the chips through the end of the year and into 2016. Answering the emails will give imposters personal information, and clicking on their link could download malware that could find such information in your computer.
Also, since the new embedded chip cards will not work any differently than our old cards for online purchases, identity thieves are expected to move more diligently online as in-store fraud becomes more difficult. So be extra vigilant in online purchasing (don’t do it on public Wi-Fi spots) and monitor your accounts for any unauthorized transactions.
The new card technology, which has been used in Europe since 1991, puts a microchip on your credit card, enabling each in-store transaction to have its own code, making it nearly impossible to make counterfeit cards or use stolen cards, said Matt Schulz, a senior analyst with Austin-based CreditCards.com.
“It has generally helped in card-present fraud,” he said.
The new technology was not based on a new banking regulation. Instead, the four major card companies — Visa, MasterCard, Discover and American Express — imposed their own deadline of Oct. 1 for U.S. retailers to change their card readers in order to accept the new technology. Stores that didn’t could face the liability of a fraudulent transaction instead of the bank, said Bill Hardekopf, chief executive officer of LowCards.com, an online credit card rating service.
That amount can be significant. In 2014, the total loss from existing credit card fraud in the U.S. was $11 billion, up from $8 billion in 2012, according to a study by LexisNexis.
Fortunately for us, consumers will not face any additional liability, Hardekopf said.
“From a consumer standpoint, the liability does not shift to us in any way,” he said. Legally, a consumer’s liability is a maximum of $50 in case of credit card fraud, but most card issuers waive even that amount.
A report by the Federal Reserve Bank of Kansas City said the new chip cards could reduce credit card fraud by 40 percent in the United States.
Not all retailers have added the new readers yet, however. While Wal-Mart, Target, Walgreens and Costco have switched over, only 43 percent of small businesses that accept credit cards have the new hardware, according to a study by the National Federation of Independent Business.
While adding chip-embedded cards is a good first step in thwarting credit card fraud, many analysts think that the card issuers didn’t go far enough. Most of the new cards will still require our signature, which is rarely compared by retail clerks with the signature on the back of the card and can be easily forged, Hardekopf said.
Instead, most other countries use a chip and PIN system, and the new cards require the cardholder to use a personal identification number.
“We’re doing it in a half-baked way,” Hardekopf said. “The chip and PIN is a lot more secure.”
The Economist reported that the chip-and-PIN technology brought credit card fraud in England to its lowest in two decades. In Canada, it reduced skimming, or stealing credit card data, from $129 million in 2009 to $38 million in 2012.
The National Retail Federation is lobbying Congress to impose chip-and-PIN technology on the card issuers.
“Retailers have already been required to bear the costs of installing these new card readers at an average cost of $2,000 per terminal,” said David French, NRF senior vice president of government relations, in a letter to congressional leaders. “If merchants are forced to accept such costs, the cards should have strong security. In order to take the next step and make customers’ transactions even more secure, these cards should be accompanied with a PIN.”
Teresa McUsic’s column appears Saturdays. TMcUsic@SavvyConsumer.net
Using the new cards
▪ The transaction will take longer than swiping a card. A chip-enabled card needs to be left in the reader until the transaction is complete, which takes a few more seconds.
▪ Customers must wait until all their items are checked at the register before they insert their new card into the reader. Previously cards could be swiped as purchases were checked out.
▪ Some banks offer more secure cards that require a PIN; otherwise a signature will be needed.
▪ Don’t forget your card. By leaving the card in the reader instead of swiping and putting in your wallet, some customers may forget to grab their card when they leave.
Source: Javelin Strategy and Research