Predictions that the U.S. would adopt secure credit card chip technology date back at least three years. With the announcement that Wal-Mart Stores’ Sam’s Club would begin issuing microchip embedded cards later this month, those predictions finally may prove true.
In the mid-90’s Europay, MasterCard and Visa collaborated to develop a technology standard (appropriately dubbed “EMV”) for securing credit and debit card transactions through incorporation of an embedded microchip in a customer’s credit or debit card in place of the ubiquitous magnetic strip. Merchants in Europe began adopting the use of microchip-embedded cards (sometimes called “smartcards”) approximately 10 years ago. Sources report that more than 80 countries worldwide use some form of microchip technology. However, the use of smartcards in the U.S. has been largely confined to those issued by certain financial institutions and credit card issuers such as MasterCard, Visa and Discover. Click here to view a list of EMV cards available in the U.S.
With its June 4th announcement that it will begin offering a microchip-embedded card (co-branded with MasterCard), Sam’s Club may signal the end of that reluctance on the part of American retail merchants.
In a typical credit card transaction, a customer hands the card to the merchant’s checkout employee, who then swipes the magnetic strip through the point-of-sale (POS) card reader and thereafter may, or may not, require a signature on a generated receipt. However, this method permits the employee to copy the credit card number, either manually or through a card-copying machine. More concerning is the risk of hackers capturing the credit card data through surreptitious access to the POS reader, demonstrated recently through the infamous credit card data breach of more than 70 million Target customers. With microchip-embedded technology the risk of data theft is greatly reduced, especially when linked with use of a personal identification number (PIN) known only to the customer.
Because adoption of EMV-compliant cards will require the purchase and installation of equipment capable of reading the new embedded chips, American businesses have been slow to adopt the “new” technology. Nevertheless, prompted by the increasing financial risks posed by cyber breaches, and expansion into European markets where customers have come to expect use of smartcards, this reluctance is surely, even if slowly, fading. Those familiar with the rollout in Europe predict, however, that initial adoption is most likely to pair smartcards with customer signatures rather than use of a PIN because of logistical issues, and because U.S. customers are already familiar with the coupling of a card and a signature. In fact, a number of smartcards currently available from institutions in the U.S., such as Bank of America and CitiBank, use the chip-and-signature method rather than the chip-and-PIN option.
In April of this year, dealing with the fallout of its data breach debacle, Target announced that it would issue its branded credit and debit cards as MasterCard chip-and-PIN smartcards. Although it apparently will be beaten to the market by Sam’s Club, Target’s decision to replace thousands of store registers with ones which will accept a chip-and-PIN smartcard is likely to pressure other hesitant retailers to follow suit.1
1 To facilitate use at other stores which have not yet converted to the new chip-enabled terminals, reportedly Sam’s Club smartcard initially will incorporate both a magnetic strip (with its attendant security risks) and an embedded microchip.