15 December 2017
Robert Siciliano

Identity Theft Expert

Robert Siciliano - IDTheftSecurity.com

739Posts 2,050,496Views 62Comments

Chip and PIN, will It save Us?

17 December 2014  |  2104 views  |  0

Many Americans, says a recent survey by Gallup, worry about a data breach connected to the use of their credit cards. Interestingly, many people use a credit card for everything under the sun: even just a soda and bag of chips from the convenience mart. The more you use a credit card, the more likely it will be compromised by cyber thieves.

 

The magnetic stripe technology for credit cards makes them so “hackable.” One way to help prevent credit card crimes is to implement a chip-and-PIN technology. It’s been touted as a sure way to keep crime at bay. But is it what it’s cracked up to be? After all, how could the thief, holding your credit card, know your PIN?

The magnetic stripe contains account information. This can easily be copied with a thief’s tools such as a skimming device. A chip card uses a microprocessor that’s embedded. This makes the account information non-accessible to a hacker during any point of a sales transaction.

There are additional features to chip technology that tie into keeping fraud away:

  • Every time the card is used is recorded.
  • A cryptogram lets banks view the data flow.

Chip technology will be coming out in 2015 for the States, and experts are very confident that this transition will choke a lot of life out of card fraudsters. The transition will cost around $8 billion—if done correctly. And this “roll-out phase” won’t happen overnight, either.

There has been credit card fraud involving chip technology. Here’s how it happened: The crooks stole account information from magnetic stripes via skimming. The transactions were then done EMV style, then the criminals picked up traffic from an authentic EMV chip transaction. Next, the thieves put the information they’d skimmed into the transaction, and pulled off their crime.

In short, chip-and-pin technology is not without the element of human error; EMV can still be implemented poorly. As for that human error, this happened not too long ago with Canadian banks. They were struck with a big financial loss because the counter data and cryptograms were not being checked efficiently.

We can have a really great thing here—if it’s implemented in a smart way. What good is an advancement in technology if it’s carelessly employed?

 

a member-uploaded image TagsSecurity

Comments: (0)

Comment on this story (membership required)

Latest posts from Robert

What Was Scary About Blackhat 2017?

02 August 2017  |  6228 views  |  0 comments | recomends Recommends 0 TagsSecurity

Black Hat 2017 was an Amazing Event

29 July 2017  |  6805 views  |  0 comments | recomends Recommends 0 TagsSecurity

Blackhat Hackers Love Office Printers

28 July 2017  |  5410 views  |  0 comments | recomends Recommends 0 TagsSecurity

Getting Owned or Pwned SUCKS!

13 June 2017  |  5785 views  |  0 comments | recomends Recommends 0 TagsSecurity

Parents Beware of Finstagram

27 April 2017  |  5248 views  |  0 comments | recomends Recommends 0 TagsSecurity

Robert's profile

job title Security Analyst
location Boston
member since 2010
Summary profile See full profile »
Security analyst, published author, television news correspondent. Deliver presentations throughout the United States, Canada and internationally on identity theft protection and personal security....

Robert's expertise

Member since 2009
732 posts62 comments

Who's commenting on Robert's posts

Ketharaman Swaminathan