What every credit union needs to know about chip technology
Does your financial institution offer a credit or debit card program to your members/customers? If so, you should be looking into implementing Chip-and-PIN card technology prior to October 1, when the card associations’ new fraud liability rules step in.
Chip-and-PIN cards, also called EMV or smart cards, utilize a computer chip embedded in the card to authenticate transactions. When this card is inserted into a chip enabled reader to make a purchase, the chip on the card communicates with the reader by sending a one-time, dynamic code unique to that transaction.
Benefits of Chip Technology:
- Because chip cards generate a one-time, dynamic code that changes with each transaction, it is impossible for criminals to develop a counterfeit card with data stolen from a Chip-and-PIN card.
- The security enhancements built into chip technology far exceed that of magnetic stripe technology and will be integral to helping reduce your financial institution’s payment card data breach and fraud exposure when the physical card is used.
- Chip-and-PIN technology will reduce your financial institution’s exposure to card data compromises, and therefore alleviate the time and resources used by your financial institution to process fraud claims and card reissues associated with these exposures.
- Chip-and-PIN technology has the potential to build on your financial institution’s reputation and member/customer base, since consumers are continuing to become more aware of the available security layers in the payment space.
- Adopting chip cards makes it easier for cardholders to travel internationally, since much of the world, including Europe, Asia, and Canada, has already converted to chip technology. In fact, some merchants and ATMs in some nations no longer accept magnetic stripe cards.
Chip Technology Need-to-Knows:
- Chip-and-PIN cards virtually eliminate card present fraud when a point-of-sale purchase is made in a face-to-face environment. However, Chip-and-PIN does not address card-not-present fraud, i.e. online, mail, telephone, or lost/stolen card fraud.
- Financial institutions should continue to deploy multiple layers of protection and enhance existing fraud detection systems to help combat payment fraud in both the card present and card-not-present environments. Payment card fraud can have a very large financial impact on the financial institution.
- If you do not have chip enabled cards by October 1, you may be targeted by criminals and have the potential of increased magnetic stripe fraud. Therefore, the adoption of a chip technology strategy and action plan in 2015 is pivotal.
- Consider upgrading or replacing your ATM terminals to accept Chip-and-PIN technology before the card associations’ fraud liability shifts occur in 2016 and 2017.
- Securely encrypting payment data is critical at the time of entry at the point-of sale terminal.
- ‘Contactless’ payment acceptance using near field communication technology will continue to help secure contactless transactions, including those made on mobile devices.
- Utilizing tokenization instead of the 16-digit card number for payment transactions will limit a criminal’s ability to perform a fraudulent payment transaction and will reduce your financial institution’s risk of storing or transporting sensitive data.
- The adoption of Chip Technology will increase your financial institutions financial stability, reputation, and member/customer base, and therefore should be top of mind for your financial institution in 2015.
This information was previously distributed in January exclusively to clients of Allied Solutions via their risk mitigation emails. To find out more about how to receive these exclusive risk alerts, please contact risk.alerts@alliedsolutions.net.