Don’t let guard down with new EMV-chip cards

Dale Dixon
Dale Dixon

I’m feeling left out. My bank has yet to send me a new credit card embedded with a nifty little gold computer chip. Have you received yours yet? If so, congratulations. If not, join the minority. I’m told we’ll all be up to speed with new cards soon.

The chip is called an EMV chip. That’s Europay, Mastercard and Visa — the big three global partners in creating a universal security feature for credit cards.

According to a recent news release from the FBI, when you use an EMV card at a chip point-of-sale, or POS, terminal, that transaction is protected using the technology in the microchip. The chip creates a unique string of numbers specific to the transaction. That string of numbers matches a string of numbers at the bank. If the numbers specific to the transaction don’t match, the card won’t work.

The idea behind EMV is to move away from the magnetic strip. You can go to eBay right now and find a credit-card magnetic-strip reader for anywhere from $17 to $150 or more. Thieves get hold of those readers, put themselves in position to get access to old-fashioned magnetic strip credit cards (think: a cashier) and swipe your card through the reader.

If you’re thinking all will be safe with your EMV credit card, think again.

Your EMV card still has the magnetic strip, so you’re not stuck when you encounter a retailer who hasn’t upgraded the point-of-sale terminal to read EMV chips. Plus, a news story this past week reported that a few tech researchers in Europe have figured out how to get past the EMV security features.

Battling thieves has always been equivalent to a game of cat and mouse or whack-a-mole. Outsmart the bad guy for a moment, and he pops up somewhere else with a new tactic.

This means you and I must remain vigilant in protecting our credit cards — even the EMV cards.

The Better Business Bureau and the FBI recommend you:

▪ Closely safeguard the security of your EMV cards and PINs. This includes being vigilant in handling, signing and activating a card as soon as it arrives in the mail, reviewing statements for irregularities, and promptly reporting lost or stolen credit cards to the issuing bank.

▪ Shield the keypad from bystanders when entering a PIN, as PINs are vulnerable to cybercriminals, who work to steal these numbers to commit ATM and cash-back crimes.

Merchants need to handle the EMV card and its data with the same security precautions they use for standard credit cards. (Read the Statesman’s Aug. 17 story, “The new ‘smart’ credit and debit cards: What Idaho businesses should know.”)

They should use secure servers and payment links for all Internet transactions with credit and debit cards. Information should be encrypted, if possible, to avert hackers from compromising card information provided by buyers.

If you’re lucky enough to have your EMV-chipped card, use the feature whenever possible. Don’t slide the card through the magnetic-strip reader out of habit.

Dale Dixon is president and CEO of the Better Business Bureau serving the Snake River Region.