A report just launched by the Smart Card Alliance (SCA) suggests that stakeholders in the U.S. payments industry examining end-to-end encryption should consider the use of contactless chip cards along with dynamic cryptograms in the fight against fraud.
While the merits of end-to-end encryption have received a lot of ink in recent months following high profile data breaches such as Heartland, the approach advocated by the Smart Card Alliance is particularly innovative as it would make use of the existing
U.S. payments infrastructure. The US has long resisted the migration to EMV, which has been widely introduced across other parts of the world, citing concerns about the costs involved in upgrading their current infrastructure.
However, the SCA recognises that U.S. banks and merchants have either already rolled out or are planning contactless chip card and infrastructure projects. As a result, this investment - that is already underway - could also be used as a vehicle to provide
greater security. This approach would also mean that the US is no longer seen as a haven for criminals to export fraud on cards cloned in other countries. It could even pave the way for further innovations, such as NFC payments.
With the addition of CAP/DPA in the U.S., cardholder not present payments could also be protected - an area where the UK for example experienced a growth in fraud after POS payments became more difficult to attack. As the SCA recommendations would both bring
the U.S. more in line with the rest of world as well as enhancing payment security, it sounds like a "win-win" situation.