When it comes to payments security, consumers are unquestionably safer today than they were a year ago. A year later, chip card use is way up, counterfeit card fraud is down at America’s stores -- and consumers are still protected with the same zero fraud liability protections.
Fighting counterfeit fraud is a matter of addition and subtraction: more chip cards plus more terminals equals fewer bogus transactions at stores. After sharp increases in counterfeit cards, credit and debit card networks announced in 2011 that merchants and banks should be ready for EMV “chip cards” by October of 2015. After that date, the cost of fraudulent in-person transactions would be assigned to whichever party (card issuer or merchant) did not provide chip card technology for the transaction.
The United States is now home to more chip cards than any other country in the world, with more than 700 million already in the hands of consumers. American banks are upgrading cards with technology offered by payment networks such as American Express, Discover, Mastercard, and Visa. In just the last year, there has been triple-digit increases in the number of chip cards issued by banks, making this one of the fastest upgrades of any product in history. The cumulative effect is becoming transformative, with one network’s chip upgrade already reaching 95% of cards.
America’s record-setting pace of chip adoption is already producing security results for consumers and merchants. Counterfeit card fraud is steadily dropping with one recent report from Auriemma Consulting Group showing losses down nearly a quarter since their peak in late 2014. Payment networks report that counterfeit fraud has been halved at merchants who use chip readers. EMV is technology that works.
Despite the considerable progress that banks have made in issuing chip cards, there is still work left to do to further expand EMV acceptance across the country. The payment industry has been responsive to consumer and merchant concerns, working with merchants to roll out “quick chip” technology to address increased transaction times by speeding up the process. Networks have also accelerated certification of new chip merchants, with a goal of quickly bringing as many chip-enabled terminals online as possible.
But merchants have their part to play as well. As we see the benefits of EMV materialize, it is vital that retail industry leaders join the payments industry in communicating EMV’s success to their peers. There is a network effect to EMV adoption—widespread retail use of EMV is the equivalent of the industry inoculating itself against certain fraud. The more merchants who commit to EMV, the safer everyone becomes.
But chip cards are only a start. It is also critical that we keep an eye toward the future. While counterfeit fraud has dropped substantially since last October, online fraud has increased by 12 percent. In times of unprecedented cyber-attacks, payments security must follow the broader cybersecurity consensus that peace of mind comes not from a single measure such as static passwords or PINs, but by deploying an array of adaptive countermeasures. To thwart sophisticated hackers, payment networks have been rapidly deploying dynamic technologies like tokenization, end-to-end encryption and biometrics.
Already in wide use through Apple Pay and Samsung Pay, “tokenization” is a technology that replaces your account number with an alias that is useless if stolen from a merchant. Consumers are benefiting from a proliferation of tokenized options from familiar card issuers and networks. End-to-end encryption scrambles data while in transit and creates a secure “tunnel” between the merchant and bank. Biometric defenses use unique personal markers—like a fingerprint or retina scan—at the point of sale to confirm the purchaser’s identify. USAA has signed up over a million customers to an app that allows customers to sign in with a selfie, and Citigroup is rolling out a voice recognition feature in Asia. As payment networks expand their “wearables” (think FitBits) offerings, our own vital signs may soon serve as our transaction signatures.
Non-stop innovation in payments security is key to combatting online fraud and other evolving threats. But at the register, we must continue to advance the adoption of EMV technology, which is already succeeding in hobbling counterfeit fraud, reducing the inconvenience of continuous card replacements and making Main Street stores far less attractive targets for criminals. While there is still work to be done, we must not allow the challenges of change to overshadow the benefits of chip-card technology—or distract us from our goal of putting payments thieves out of business.
Jess Sharp is the Senior Vice President and Executive Director of the American Bankers Association's Card Policy Council.
The views expressed by authors are their own and not the views of The Hill.