Outdated Mag-Stripe Technology Helps Credit Card Fraudsters

That is what a great Consumer Reports article tells us. The issue lies with the magnetic stripe still present on all credit cards on our side of the Atlantic. The mag-stripe technology has been around since the 1970s and its age is showing in rising rates of card skimming and counterfeiting.

The Issue with Mag-Stripe Technology

Consumer Reports points to a recent ACI Worldwide study, according to which close to a third of Americans have reported credit card fraud in the past five years, and identifies the magnetic stripe as being the culprit. The mag-stripe, we are reminded, is uniquely vulnerable to “skimming,” which causes all the problems.

Card skimming is a well-known problem and we have written about it on several occasions previously. It is the copying of the account information that is encoded on the magnetic stripe of a payment card. The skimmed information is then re-encoded on a counterfeit card and used by criminals in fraudulent transactions.

Skimming is relatively easy to do. As Consumer Reports points out:

American credit- and debit-card data are usually stored unencrypted on a magnetic stripe on the back of each card, which thieves can easily and cheaply copy.

The Alternative: EMV Cards

Unsurprisingly, having identified the issue with the magnetic stripe long ago, most developed and many developing countries have adopted a safer technology, called EMV (which stands for Europay, MasterCard and VISA; I don’t know why). EMV cards feature a chip where encrypted account data are stored and a unique identifier. The majority of EMV terminals also require cardholders to confirm their identity by entering a PIN, instead of signing a sales receipt, which is the procedure with mag-stripe readers.

According to Consumer Reports:

China has announced that it will no longer produce or accept such cards after 2015; American travelers are already finding that their cards aren’t accepted at some gas stations, parking facilities, subways, and merchants in Europe. The European Central Bank has recommended that banks stop issuing magstripe cards after 2012.

EMV adoption has reduced fraud substantially. Consumer Reports:

Total fraud losses dropped by 50 percent, and card counterfeiting fell by 78 percent in the first year after EMV smart cards were introduced in France in 1992. Other countries that have switched have also seen card fraud decline.

Why Is the U.S. Lagging Behind?

The U.S. has found itself alone among developed countries and in the company of “some nonindustrialized countries in Africa” in sticking to mag-stripe cards. Why haven’t we switched to EMV?

Well, it turns out that credit card companies are willing to tolerate mag-stripe related losses. In the words of John Buzzard, Client Relations Manager at FICO, a credit scoring company:

Losses are comfortably in the multimillion- dollar range each year but are incredibly hard to authenticate because of the discreet position that most financial institutions take when asked to assess a loss figure.

Switching to EMV would cost issuers about $3 billion, according to an estimate by the Mercator Advisory Group, and merchants would have to pay not much less to upgrade their point-of-sale (POS) equipment.

Still, many big retailers are pushing for EMV adoption, as they get to absorb much of the fraud losses, and some of them have already begun deploying more sophisticated POS terminals.

As I see it, it is now fairly obvious that EMV adoption in the U.S. is inevitable and the only question is how soon it will happen. Evidently the answer is that it will not be before the current status quo becomes unbearable to issuers. The problem is that the situation is quickly deteriorating, as the U.S. is becoming the easiest market to penetrate by fraudsters, and can get out of control in a fairly short order. I guess we’ll find out just how bad it can get.

Image credit: Theshelbyreport.com.