Sure, we know that anywhere from 40 to 110 million Target customers’ debit and credit card numbers, addresses, and other types of personal information were compromised in what could very well be the largest instance of cyber crime in history. If you listen closely, there are some fairly high-ranking experts who are saying that EMV could have prevented this. But, how so?
Lets break it down:
Today’s typical credit cards come standard with the familiar magnetic strip on the back. So, when we swipe our credit cards to make a purchase, that card reader gets a whole bunch of information from that strip, including:
- Purchaser name
- Credit card provider
- Card number
- Expiration date
- CSC or CVV
The key here is that all of such information becomes available immediately, upon swipe. That begs the question, “what is to stop hackers from retrieving everyone’s card readers (or terminals)? (Hint: Nothing. That is precisely what happened at Target.)
That being said, not every Company is taking this laying down. In Europe, Europay, MasterCard, and Visa have begun using a card that better protects this information. In other words, they are making use of a credit card, that employs a little “EMV” chip (instead of the familiar magnetic strip) that stores card holders’ information.
And how is this different from the traditional credit card swipe?
- EMV cards may be used as a credit card, debit card, or an e-wallet
- The data on this chip is encrypted-
- Reader enforces authentication
- Protected by PIN
Is there proof that EMV is better?
According to a Federal Reserve report, in the six years since banks and merchants in England have implemented EMV, credit card fraud has dropped 34 percent. France saw a 35 percent reduction from in-person card use.
So why isn’t the US using EMV?
- It costs about 10 times more for banks to produce EMV than it does for them to produce a magnetic strip-
- All merchant processors would have to switch to EMV terminals
- Companies make $41.2 billion from credit card swipe fees and lose just $5.33 billion to fraud according to The Nilson Report
Yes, the transition to EMV would be ambitious, to be sure. There has been talk of beginning the conversion process in the U.S. as early as October 2015 – though 2018 is looking a bit more realistic. But until then we’ll just have to sit tight, and follow best practices to remain as cyber-secure as possible until things progress.