The views expressed by contributors are their own and not the view of The Hill

EMV not PIN is key to tighter security

Mallory Duncan’s argument that only EMV cards with PINs can protect consumers from fraud is a curious one considering that not a single major data breach over the last few years could have been prevented with a PIN. The high profile data breaches that resulted in millions of Americans having their card accounts compromised weren’t caused by petty thieves swiping cards out of wallets—they were caused by criminals exploiting cracks in the retailers’ security systems.  While Duncan’s piece fixates on PINs, the reality is that a static four-digit number is incapable of thwarting sophisticated hackers or disguising sensitive credit card information once stolen.  

{mosads}That’s why banks have been working around the clock to issue cards with EMV chips, with an estimated 575 million expected to be in the hands of consumers by the end of 2015. These cards produce a one-time transaction code that can’t be guessed or re-used for future payments, thus adding a dynamic, ever-changing layer of security on top of static card information like account numbers. The EMV chip, not the PIN, is the key to keeping sensitive information safe by making the financial data nearly impossible for criminals to create, sell and use for counterfeit cards. In fact, nearly all of today’s fraud comes from counterfeit cards made with stolen personal and financial data or online theft. PINs only protect against lost and stolen cards, a small and rapidly diminishing portion of fraud, not counterfeiting or card-not-present transactions. 

EMV chips are an important innovation that will better protect consumers’ financial data. But they are only one part of a larger fight against hackers and thieves. Ultimately, the only way to protect our data against these increasingly savvy criminals is by developing better technologies. As more and more commerce takes place online and with mobile phones, two areas where PINs are useless, banks are pioneering cutting edge solutions designed to meet tomorrow’s threats today. Tokenization technologies like those used on Apple Pay, for example, will play an increasingly vital role in keeping your data safe in the future.  

The payments system will only be secure if everybody—banks, payment networks, retailers and consumers—work together to fight a common enemy. Rather than wasting time advocating for static features like PINs, let’s channel our energy towards something more constructive:  implementing the latest technologies and working together to fight the real bad guys.  

Johnson is senior vice president and senior adviser for Risk Management Policy at the American Bankers Association.


More Technology News

See All
See all Hill.TV See all Video

Most Popular

Load more


See all Video