Well, it looks like I'll finally have to
remember the PIN on my infrequently used credit card. Visa and Mastercard have got their way after lobbying regulators so come August 1, POS terminals will only accept a PIN for authorisation on credit cards issued in Australia.
Considering chip cards have been ubiquitous for some time, and 55% of POS credit card transactions are already authorised using the PIN option, the move is long overdue.
Once upon a time, when all credit card transactions were signed for (in the age of clickety clack imprinters), sales staff showed at least a cursory interest in checking the signature on the paper against that on the card. Since authentication choice was
introduced and PIN use became more widespread for credit cards (it had been mandatory for debit cards since 1986), it has become rare to find sales or wait staff who actually check the signature.
This is in part because uptake of wireless POS terminals has been slow in Australian restaurants and many restaurants don't want to require customers to leave their table and come to the counter to settle their bill. But I rarely see signature checks in
retail outlets either.
This was cited as a major cause for urgency in the card schemes' application to the competition watchdog late last year.
Visa claim that the introduction of chip cards to counteract skimming and magstripe cloning has already cut counterfeit fraud losses on Australian cards by 44 per cent in the 12 months ending June 2013.
There were five billion credit and debit card payments during the 2012-13 financial year, totalling $434 billion.
Visa says that there was $270.5 million of fraud against both card types.
The Australian Retailers Association says credit card fraud ran to about $81 million last year.
Taking this claim and drilling further into Visa's data shows that stolen or never-received cards which facilitate signature forging accounted for about $23.5 million worth of fraud. This possibly also includes fraudsters scribbling any old thing on the
provided receipt and the signature not being checked.
This compares with $235 million lost through skimming and card-not-present sales (of which $57.5 million would be on credit cards, if the ARA total for credit card fraud is correct.)
In any case the cost for making this move isn't anywhere near that involved in Chip and PIN migration. POS terminals already accept PIN authentication for credit cards, so just require a software upgrade to remove the ability to bypass this and go to signature.
But many of Australia's estimated 14,000 restaurants and cafes with POS terminals will probably have to rent new mobile POS terminals if they don't want to inconvenience their patrons.