-
Everyone agrees that electronic transactions should be as safe as possible, but a PIN mandate will not prevent online or mobile fraud.
May 24 -
Walmart and Visa have had a long and volatile relationship, and the retailer's latest lawsuit against the global card brand gives voice to a struggle that many other companies are too small to fight.
May 11 -
The goal of adopting chip cards to provide tighter security is a noble one. But by going partway, authorizing transactions with signatures rather than four-digit codes, banks are watering down that security, at least for lost and stolen cards.
November 23
The fight between Visa and Walmart over authenticating chip cards could have a negative outcome for everyone involved, regardless of which side wins.
In the
This operating model casts serious questions over the viability of long term success of the chip card technology as it suggests that payment companies and merchants are focused on the financial metrics at the cost of giving up security controls.
On which authentication approach provides better security, Walmart wins the argument. Visa's decision to allow debit card customers to use a less secure signature verification system does not make sense from an information security standpoint and it defeats the very purpose for which this technology was rolled out in the first place.
Walmart was one of the few big U.S. retailers to immediately adopt the EMV technology when it became available, and spent millions on massive upgrades of its point-of-sale terminals. Early adoption by any retailer delighted Visa and MasterCard along with the major card-issuing banks. But with Walmart's
Many of the large banks embraced the chip and PIN technology from the beginning as they are some of the biggest targets of cyber-attacks. Even some mid-size banks like
Typing in the PIN does add extra time to a transaction — eight to 12 seconds, according to JDA software group's
If Visa's concern about PIN is processing efficiency, it could be looking at more alternative measures to improve technology and operating effectiveness that do not compromise security. Visa and Walmart have each been trying to reduce processing time through
Of course, at the end of the day, the true test of the effectiveness of EMV adoption in the U.S. will not be at store terminals but in how new card technologies affect incidents of online — or card-not-present — fraud. One only hopes that online retailers, issuers and card networks are serious about ramping up security for online purchases. In every country that has switched to EMV cards — and the U.S. is the last developed country to do so — online fraud has jumped, says
Banks need to consider two-form authentication such as sending customers a one-time passcode via email or text message to authenticate online transactions with the new chip card. And card networks and retailers need to mend fences over their contractual obligations with the common goals of strengthening card security, increasing EMV adoption among smaller retailers and educating customers about the benefits of chip cards.
Senthil Selvaraj is a former operational risk executive with Bank of America.