Go Back  FlyerTalk Forums > Miles&Points > Credit, Debit and Prepaid Card Programs > Credit Card Programs
Reload this Page >

Should USA card issuers adopt EMV (Chip & PIN)? [Opinion discussion]

Should USA card issuers adopt EMV (Chip & PIN)? [Opinion discussion]

Reply

Old Feb 17, 11, 11:28 am
  #1  
Original Poster
 
Join Date: Jul 2006
Location: LAX
Programs: AA EXP 1.5MM, Asiana Club Silver, KE Morning Calm, Hyatt Platinum, Amtrak Select
Posts: 7,155
Should USA card issuers adopt EMV (Chip & PIN)? [Opinion discussion]

I believe finally the tide is turning towards more increased demand for EMV in the US.

Card fraud is increasing here and starting to hurt banks with their 100% no-liability guarantee starting to backfire against them. I'm sure that the ticket agent who got arrested for skimming $480,000 at SJC must've been a real eye-opener to many on how easy this stuff is to do as we continue to rely on fifty year old mag-stripe technology. And because so it's easy to do, organized crime, theives, crooks, and gangs are turning to this way to skim off card info from just a few hundred investment of equipment off of eBay

And recently it seems VISA began to put extra pressure for a push towards EMV by offering Merchant incentives to switch to EMV terminals by exempting those who comply with EMV processing terminals to be exempted from hefty annual PCI-DSS compliant fees. The catch? It's not offered to US merchants. But I'm sure this is to raise serious eyebrows for US merchants to consider to just pay an one-time upgrade of their terminals instead of being dinged with annual compliance fees because they continue to process it through fifty year old technology

Perhaps we'll finally be able to get our credit cards updated to EMV standards sooner than we thought. Just a year ago we had zero option, at least we now have the Travelex Chip & PIN card. That's a good start IMO.
kebosabi is offline  
Reply With Quote
Old Feb 19, 11, 2:13 am
  #2  
 
Join Date: Aug 2010
Posts: 109
Originally Posted by kebosabi View Post
I believe finally the tide is turning towards more increased demand for EMV in the US. .....That's a good start IMO.
It's a BAD start. Chips reverse the burden of proof in fraud cases. In a chip/pin fraud case, it's the cardholders burden to prove that they did not enter the pin. After all, all pin numbers that are accepted are an exact match of the original (not the case with signatures).

If fraud occurs with swipe and sign, it's the bank/merchants burden to prove that the signature matches your signature.
EUnomad is offline  
Reply With Quote
Old Feb 19, 11, 6:19 am
  #3  
 
Join Date: Jan 2008
Posts: 4,697
Originally Posted by EUnomad View Post
It's a BAD start. Chips reverse the burden of proof in fraud cases. In a chip/pin fraud case, it's the cardholders burden to prove that they did not enter the pin. After all, all pin numbers that are accepted are an exact match of the original (not the case with signatures).

If fraud occurs with swipe and sign, it's the bank/merchants burden to prove that the signature matches your signature.
IT is not quite that simple. The UK has seen much more sophisticated fraud since the EMV was introduced, involving cloning with more advanced technology than before. The consumer retains rights, the pattern recognition in transactions still guards imperfectly but does aid the consumer. CNP retains precisely the same problems it had before. Merchant disputes differ only in that the process of merchant payment disputes is altered.

Unauthorized transactions in an EMV environment do decrease very substantially, thus merchants with one off transactions within normal cardholder patterns have less difficulty justifying the transaction. Dispute volumes in EMV are much lower than in magstripe environments in all the places I know.

Thus, it is a good thing for both sides. Consumer complaint rights continue unabated in all major countries AFAIK.
jbcarioca is offline  
Reply With Quote
Old Feb 19, 11, 10:22 am
  #4  
 
Join Date: Aug 2010
Posts: 109
Originally Posted by jbcarioca View Post
IT is not quite that simple. The UK has seen much more sophisticated fraud since the EMV was introduced, involving cloning with more advanced technology than before.
Exactly the problem. A more trusted technology is being exploited. The consumer becomes more of a suspect than before.

Originally Posted by jbcarioca View Post
The consumer retains rights, the pattern recognition in transactions still guards imperfectly but does aid the consumer.
Sure, the liability is the same. The liability is on the bank either way. But the burden of proof differs. This is the problem for the consumer -- to the advantage of the bank. The liability is only applicable to the extent that the proof is sufficient.

Originally Posted by jbcarioca View Post
Unauthorized transactions in an EMV environment do decrease very substantially, thus merchants with one off transactions within normal cardholder patterns have less difficulty justifying the transaction. Dispute volumes in EMV are much lower than in magstripe environments in all the places I know.
A decrease in fraud is of course good for the bank. For the consumer it's only an advantage in terms of fewer instances of paperwork and hassle, but this is quickly outweighed by the burden of proof hassle and potential loss to the consumer in the case of insuffient proof. The increased risk of potential difficulty in proving fraud far outweighs the slight chance of extra paperwork.

With swipe and sign, the consumer need not prove anything. The bank takes the hit, consumer files a report, and walks.
EUnomad is offline  
Reply With Quote
Old Feb 19, 11, 11:32 am
  #5  
Original Poster
 
Join Date: Jul 2006
Location: LAX
Programs: AA EXP 1.5MM, Asiana Club Silver, KE Morning Calm, Hyatt Platinum, Amtrak Select
Posts: 7,155
Originally Posted by EUnomad View Post
With swipe and sign, the consumer need not prove anything. The bank takes the hit, consumer files a report, and walks.
If that is true then, well that too could be prone to intentional fraud by a dishonest cardholder too. If the consumer doesn't need to prove anything then, what's stopping anyone from say...buying a 60" flat screen TV at BestBuy 150 miles away with their own credit card, and claim that his/her credit card was skim-cloned somewhere and someone just charged $2000 or so at BestBuy? Would the card company just take the $2000 hit and credit them back, all in the while practically making their new flat screen TV free?

Last edited by kebosabi; Feb 19, 11 at 11:37 am
kebosabi is offline  
Reply With Quote
Old Feb 19, 11, 11:53 am
  #6  
 
Join Date: Aug 2010
Posts: 109
Originally Posted by kebosabi View Post
If that is true then, well that too could be prone to intentional fraud by a dishonest cardholder too. If the consumer doesn't need to prove anything then, what's stopping anyone from say...buying a 60" flat screen TV at BestBuy 150 miles away with their own credit card, and claim that his/her credit card was skim-cloned somewhere and someone just charged $2000 or so at BestBuy? Would the card company just take the $2000 hit and credit them back, all in the while practically making their new flat screen TV free?
The transaction is over $25, so BB is likely to require a signature. If the buyer signs quite differently than the signature on the back of their credit card, then BB denies the sale. If the buyer gives a matching sig, then the merchant and bank have proof that he did buy the TV.

And furthermore, if the sales person recognizes the buyer, BB then has an eye witness that the buyer committed fraud. So the charge not only goes through, but the buyer risks criminal penalties as well.
EUnomad is offline  
Reply With Quote
Old Feb 19, 11, 12:47 pm
  #7  
 
Join Date: Sep 2006
Posts: 1,136
Originally Posted by EUnomad View Post
The transaction is over $25, so BB is likely to require a signature. If the buyer signs quite differently than the signature on the back of their credit card, then BB denies the sale. If the buyer gives a matching sig, then the merchant and bank have proof that he did buy the TV.
I do not think that BestBuy or any other store is really matching electronic signatures or ink signatures to the signature on the back of credit cards. I for one do not have a signature on the back of my card, so that would be impossible.

I do agree with your point regarding the burden of proof shifting unfavorably away from the consumer, but I find it hard to believe that there aren't still as many ways to demonstrate a charge was fraudulent with Chip and Pin technology.
JFKLAX321 is offline  
Reply With Quote
Old Feb 19, 11, 1:06 pm
  #8  
 
Join Date: Aug 2010
Posts: 109
Originally Posted by mzkaiser View Post
I do not think that BestBuy or any other store is really matching electronic signatures or ink signatures to the signature on the back of credit cards. I for one do not have a signature on the back of my card, so that would be impossible.
It's BBs option to check the signature. If they don't check, they're deciding to take the risk. Presumably, if the sigs don't match, then BB is (hopefully) at a loss, not the bank or the consumer.

In the case of an unsigned card, it's in BBs interest to force both the card and the receipt to be signed on the spot, and if both signatures match, then there's no issue as far as BB is concerned. If this were to happen with a malicious buyer other than the card holder, the card holder will possibly learn an expensive lesson in the importance of signing the backs of the cards as they are received, as they are instructed.

Last edited by EUnomad; Feb 19, 11 at 1:12 pm
EUnomad is offline  
Reply With Quote
Old Feb 19, 11, 1:42 pm
  #9  
mia
FlyerTalk Evangelist, Moderator: American Express, Citi, Diners Club, Signatures
 
Join Date: Jun 2003
Location: Miami & London
Programs: AA & Marriott Perpetual Platinum; HH Gold
Posts: 35,893
Burden of proof merely means that the issuer must produce some evidence that I authorized the transaction. If I dispute a signature transaction the bank will typically produce a signed sales slip. If I assert that it is not my signature the bank may compare it with signatures from other transactions, or examine other evidence. In the Best Buy example there will likely be security video available.

In the UK the burden of proof remains with the issuer even after the introduction of Chip & PIN:

Under new rules that came into effect in November [2009], you are entitled to an immediate refund while the bank investigates a transaction that you dispute, unless it has evidence that you acted negligently or dishonestly. While the burden of proof has always been with the bank to prove that you authorised the transaction, last year's changes mean that this requirement now has the force of law, the UK Payments Administration said.
http://www.telegraph.co.uk/finance/p...m-hackers.html

However, as a practical matter the banks consider the fact that the correct PIN was (apparently) used to be sufficient evidence to satisfy this burden:

http://www.timesonline.co.uk/tol/mon...cle5575295.ece

(Both articles are a worthwhile read for anyone interested in this topic.)
mia is offline  
Reply With Quote
Old Feb 20, 11, 6:53 am
  #10  
 
Join Date: Aug 2010
Location: Texas
Programs: AA EXP, UA Premier Plat, Alaska MVP Gold, HHonors Diamond, SPG Platinum, Hyatt Platinum
Posts: 2,052
Originally Posted by EUnomad View Post
In the case of an unsigned card, it's in BBs interest to force both the card and the receipt to be signed on the spot, and if both signatures match, then there's no issue as far as BB is concerned.
If the person standing in front of them signs both at the same time, why would they NOT match?
mreed911 is offline  
Reply With Quote
Old Feb 20, 11, 9:39 am
  #11  
 
Join Date: Jul 2004
Location: KSFO
Programs: UA/Prem Exec, HH/Gold, TW/Gold
Posts: 308
Originally Posted by mreed911 View Post
If the person standing in front of them signs both at the same time, why would they NOT match?
In fact, an unsigned card is invalid. Read the fine print. In practice, businesses perform real-time risk management on an ongoing basis. Am I suspucious of you? Maybe I reject this card from you. If you have another with the same name, maybe I let it through. And on.

This thread is drifting ...
jmhayes is offline  
Reply With Quote
Old Feb 20, 11, 1:25 pm
  #12  
 
Join Date: Aug 2010
Posts: 109
Originally Posted by mreed911 View Post
If the person standing in front of them signs both at the same time, why would they NOT match?
A malicious card holder could deliberately sign one of them differently, so they could later deny the purchase. So it's in the merchants interest to check. Merchants could easily go a step further, and take an optical scan of the card, so they have a record of the matching sigs. Perhaps it's not a common enough problem.
EUnomad is offline  
Reply With Quote
Old Feb 21, 11, 10:41 am
  #13  
FlyerTalk Evangelist
 
Join Date: Jan 2005
Location: home = LAX
Posts: 23,151
Originally Posted by EUnomad View Post
A malicious card holder could deliberately sign one of them differently, so they could later deny the purchase.
If everyone could deny purchases just based on wrong signature, then everyone who uses those horrid miniature electronic signature pens at the self-checkout counters at my local Ralph's (Krogers' brand in SoCal) could be disputing most every purchase there. I compalined to the person monitoring the self-checkout area that I couldn't sign despite many attempts (the electronic pen kept turning signature into incomprehensible garbage) and he said just to try and click accept no matter what the result! And they never fit them, so now I have to do that every time!
sdsearch is online now  
Reply With Quote
Old Feb 21, 11, 11:21 am
  #14  
 
Join Date: Aug 2010
Posts: 109
Originally Posted by sdsearch View Post
If everyone could deny purchases just based on wrong signature, then everyone who uses those horrid miniature electronic signature pens at the self-checkout counters at my local Ralph's (Krogers' brand in SoCal) could be disputing most every purchase there.
Sure, but it would be fraudulent. You couldn't fit enough Ralphs food in your minivan to justify the risk of being charged with fraud. Better to skip the cash register altogether, and make a dash for the getaway car -- at least then you're only risking theft charges, as opposed to fraud and theft charges.
EUnomad is offline  
Reply With Quote
Old Feb 25, 11, 5:43 pm
  #15  
 
Join Date: Feb 2011
Posts: 22
Banks really do believe it's THEIR money...

No sooner did I finish my post on the Durbin Amendment than I found this:

"TCF National Bank (TCF) has filed a suit in the United States District Court in South Dakota challenging the constitutionality of ... the Durbin Amendment"

(You can read quoted article here: http://www.regulatoryreformtaskforce...2010.13.10.pdf )

TCF is one of the nations biggest banks, with assets well over $10B, so the amendment's fee limits definitely apply to them. But what I find most amusing (and appalling) are their rationales for the suit:

"(1) that by limiting fees to below the actual cost to produce the services, the government is taking property without just compensation"

Let's remember that we're talking about debit card transactions, which represent withdrawals of YOUR money from YOUR bank account, YOUR money with which you've entrusted the bank, and which you allow them to use (to their profit) until the point in time at which you decide to withdraw it. They make money off of your money while it's in their bank... but that doesn't mean (as TCF seems to have forgotten) that it's THEIR money!

So no, the government is in no way taking their money, nor forcing them to spend their money, nor forcing them to operate at a loss. We all know that if debit card transactions become less profitable for them, they'll make up the difference somewhere else... for instance, perhaps, on the interest they earn on YOUR money before you decide to spend it in a debit card transaction.

"(2) violation of due process related to Congressional approval of the Durbin Amendment and the absence of public hearings"

"Due process" applies to the criminal code, as in "not convicted without due process". Are we talking about a crime here?

"and (3) violation of equal protection, because the Durbin Amendment expressly applies only to issuers with $10 billion or more in assets, thus leaving unaffected (and potentially advantaged) approximately 99% of U.S. banks."

Hmmm... I see. So, banks can have different accounts available for different levels of deposits, (for example, a "Premium" account with special benefits and higher interest rates for depositors who keep a minimum balance of $100K), but they don't like it very much when special rules are applied to THEM based on how much money they have? How's that again?

I truly hope the judge laughs long and loud, and then kicks them out of his courtroom.

... In the meantime, I truly hope that the other banks get a move on with our EMV debit cards!

-- Claudia
francophiliac is offline  
Reply With Quote

Thread Tools
Search this Thread
 
  • Ask a Question
    Get answers from community experts
Question Title:
Description:
Your question will be posted in: