The card industry’s defense of its lack luster U.S. EMV roadmap continues with another article from the card industry’s mouthpiece about the transition to chip cards. In a surprise to few, it’s a continuation of the same rubbish and finger pointing at merchants we’ve come to expect.

The chip cards millions of Americans have received often come with an informational brochure telling them how their security is the card issuers’ “number one priority.” But that’s not entirely true. And it’s apparent, considering they keep delivering the same disproven lines in an attempt to trick us into believing they are providing U.S. cardholders with state of the art protection from fraud.

ADVERTISEMENT

Like broken records, the card industry and their public faces perpetuate the fiction that merchants had a reasonable amount of time to prepare for the transition to EMV cards. Compared to every other country that has transitioned to EMV, banks and credit unions in the U.S. gave merchants the least amount of time to move to EMV. They chose a date completely at random without consulting merchants, which coincided with the busiest shopping season of the year when merchants were already overwhelmed with serving their customers. Worst of all, they picked this arbitrary deadline while totally unprepared to provide merchants guidance on how to process debit transactions.

On the other hand, they made it as easy as possible for U.S. issuers to move to EMV, relieving them of the most difficult chores required elsewhere (like requiring issuers to implement off-line PIN mechanisms which would have protected cardholders in scenarios when their systems were down). Merchants were set-up for failure and for the liability shift since there was no way most merchants could make the deadline set by the card brands.

Some networks and financial institutions are also fond of misleadingly arguing PINs are irrelevant. They offer as distractions other security measures like tokenization and encryption which many merchants implemented years ago. PINs have been shown by Federal Reserve studies and by overwhelming evidence to control fraud. The fact is the networks and financial institutions are trying to make up for the inability of the card-issuers to devise a means of cardholder authentication other than worthless signatures since it would require a level of investment on their part they want to avoid.

As even the National Association of Federal Credit Unions (NAFCU) article alluded to, PINs are proven security measures that have been used by most of the developed world for years now. The absence of PINs is a huge missed opportunity to help combat online fraud or card not present fraud (CNP fraud). For instance, online PIN authentication technology is now an available tool that can be deployed to better secure online transactions. If your card is lost or stolen, it would be useless unless the fraudster also knew your PIN.

Without question, chip cards are a step forward from the magnetic stripe cards developed in the 1970’s. However, excluding the PIN means lost or stolen cards can still be used for fraudulent purchases.

The banks and card issuers have fumbled the EMV transition from day one – while simultaneously conjuring talking points to hide behind – meaning the U.S. may well have the highest card fraud losses in the world even post-transition. If that occurs, we hope for once the billion-dollar financial institutions and global credit card companies are held accountable for this, and not the American businesses and consumers they’ve left in their wake.  

Horwedel is the CEO of the Merchant Advisory Group – an organization representing most of the largest merchant and franchisee businesses in the United States.