Chip technology has been around for about 30 years, although the United States has recently broadly adopted the technology in the last five years. In 2013, hackers stole credit and debit card information from 40 million Target customers, and there were also massive data breaches elsewhere in the retail industry. These hackers, who were never caught, were believed to have installed malware onto the checkout card readers that stole data each time a customer swiped his or her card. This was the incentive for companies to start adopting the more secure microchips instead of the magnetic strips on credit cards that are easy to hack.
Microchips are commonly referred to as EMV smart chips, which stands for Europay, MasterCard and Visa: the companies that created this technology. The difference between microchips and magnetic strips is that instead of embedding credit card numbers and user information into the strip, it is contained in the little chip in the card. In addition to storing data, the computer chip can process data. When a user inserts the chip into the card reader, the chip and the reader essentially have an encrypted conversation to authenticate the card. The chip uses cryptography to protect the data. When using a magnetic strip, the swipe of the card simply outputs the card number and expiration date to the reader, making these cards easy to counterfeit.
In the US, the most common type of chip cards currently are the "chip and signature" cards, which require a signature to authorize the charge. In contrast, many European countries use "chip and PIN" cards, which require a four-digit PIN to authorize the charge. The "chip and PIN" cards are more secure because a signature can be easily forged.
References:
Content:
https://en.wikipedia.org/wiki/EMV
http://money.howstuffworks.com/personal-finance/debt-management/chip-and-pin-credit-cards3.htm
http://blog.credit.com/2014/10/how-does-chip-pin-actually-work-97454/
Images:
https://static01.nyt.com/images/2016/08/04/business/04cardchip4/04cardchip4-master768.jpg
https://assets.nerdwallet.com/blog/wp-content/uploads/2014/01/best-emv-chip-credit-cards.jpg
I don't know if you have heard of this, but now they are introducing contact-less chip cards, which you can use for small transactions (at least for now. There have already been instances of fraud(in the UK I believe)where people bring small scanner like machines close enough to other people's purses/wallets/jackets, and if they have a contact-less card it is charged the max. amount allowed with each transaction. I'm sure that soon enough there will be a solution for this too, but then there will also be a way to work around that solution and still commit fraud. Will there ever be a method that guarantees security?
ReplyDelete