Daniel Castro, of the Center for Data Innovation and the Information Technology Innovation Foundation, recently penned an opinion piece in The Hill asserting that secure smart card Chip & PIN is “old and outdated technology.” Castro could not have been more wrong. The president’s recent Executive Order on Improving the Security of Consumer Financial Transactions wisely mandated Chip & PIN because it is an established and trusted technology used worldwide to protect consumers, retailers and the banking system from identity theft and fraud. The recent increase in domestic fraud is a consequence of the United States being the last G-20 nation to adopt this technology, making Americans an easier target for financial fraud and identity theft than foreign consumers.  

One day, mobile payments will be a convenient secure way to help consumers conduct their financial transactions, but this emerging technology has many years of development, standardization and interoperability ahead. This payment innovation may supplement bank cards one day in the future, but is currently only suitable for a narrow pool of smart phone owners in a very limited number of retail locations, and is far from standardized. 

Chip & PIN, delivered on a smart card, is the only mature secure payment technology that has successfully protected tens of millions of consumers from actual fraud and identity theft.  While no technology can prevent all fraud, Chip & PIN cards are a strong, proven, and available solution for nationwide deployment.  Statistical losses from fraud in countries that have already deployed Chip & PIN are minimal and primarily a result of thieves seeking to exploit transactions where a card is not present, such as in online sales. Fortunately, inexpensive USB Chip & PIN card readers are becoming increasingly available to address this very issue. 

Despite Castro’s contention, tokenization – automatically substituting the credit card number for a unique, securely generated alphanumeric sequence – is not a substitute for Chip & PIN and smart card technology; in fact, Chip & PIN supports tokenization for both online and offline use. In a Chip & PIN transaction, the card is authenticated as being genuine, the cardholder is verified, and the transaction includes dynamic data that is unique and not replicable for any other transaction, preventing any future fraudulent transactions.  

Secure identity is a serious business in our physical and digital lives today, and its importance is only increasing. The Department of Defense, and all other Federal agencies issue smart cards to employees for their personal identity credentials, and the State Department includes the same technology in all passports. Smart card-based credit and debit cards supporting systems to protect consumers are currently rolling out across the United States to protect consumers, and this adoption will only continue to rapidly increase in 2015. These systems will carry consumers forward while we anticipate future innovations like secure mobile payments, whose development will offer consumers multiple platforms in which to enjoy secure financial transactions.   

We believe secure mobile payments – along with secure chip-enabled smart cards – will be an important part of a secure payment and identity ecosystem. No one technology can be the silver bullet that solves all potential cybersecurity problems. The key to protecting consumer’s identity and financial interests relies on technology manufacturers, implementers, and users working cooperatively with each other to bring security to the payment market. 

The Secure ID Coalition welcomes everyone interested in creating a robust secure payment and identity ecosystem to join us in a positive, constructive manner, free of divisive rhetoric, to give consumers what they deserve: safe, secure financial transactions across every platform.

Emerick is president of the Secure ID Coalition.