PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

New Security Flaw in Credit Card Chip System Revealed

By Sarah Grotta
August 9, 2016
in Analysts Coverage
0
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

A story that is getting broad attention in industry publications as well as the popular press suggests that EMV chip cards that still sport a magnetic stripe on the back are easily hacked and open to counterfeit fraud. If true, this is not welcome news as issuers and merchants are spending $7 to $8 Billion to reissue cards and upgrade terminals. It appears that there is a little more hyperbole to this story and the payment system is more secure than reports might have readers believe.

As reported by CNN, researchers at NCR presented their finding regarding weaknesses in EMV chip last week at the Black Hat conference:

Computer security researchers at the payment technology company NCR demonstrated how credit card thieves can rewrite the magnetic stripe code to make it appear like a chipless card again. This allows them to keep counterfeiting — just like they did before the nationwide switch to chip cards.

This claim of a glaring hole in EMV, the chip-based system, is possible because of the way many retailers are upgrading their payment machines: They’re not encrypting the transaction.

This suggests that the magnetic stripe can be hacked so the code which tells the terminal that the card is in fact an EMV chip card fools the terminal into thinking it’s an old fashioned magnetic strip only card. This allows fraudsters to create counterfeit cards just as they did prior to the issuance of EMV cards.

Although the magnetic strip may be compromised, it doesn’t meant that the transaction will be successful. Once the authorization request gets to the issuer processor, the processor will know that the card is an EMV chip card at an EMV capable terminal and should have been processed as an EMV transaction. The transaction will be declined at the processor.

It would be much easier for fraudsters to steal magnetic stripe card data from cards that have yet to migrate to EMV and use them at merchants who have not updated their terminals. There are plenty of both still available.

Overview by Sarah Grotta, Director, Debit Advisory Service at Mercator Advisory Group

Read the full story here

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    commercial card, Allpay ClearBank Prepaid Payments, wealth transfer

    How Banks Can Capture the Wealth Transfer from Boomers to Gen Z

    June 20, 2025
    embedded lending

    Embedded Lending as a Growth Strategy for ISVs—How to Maximize Revenue Potential

    June 18, 2025
    merchant ai

    Merchants Find More Use Cases for AI Amid Risks

    June 17, 2025
    prepaid payroll

    Taking the Check Out of Paycheck: The Role of Prepaid in Payroll

    June 16, 2025
    Banking-as-a-service BaaS

    Remodeling Main Street: How Community Banks Can Leverage the Banking-as-a-Service Paradigm

    June 12, 2025
    How Employee Performance Enhances the Customer Experience

    Three Strategies to Maximize Loyalty in the AI-Driven World 

    June 11, 2025
    PFM tools

    How FIs Are Cutting Through Subscription Clutter with PFM Tools

    June 10, 2025
    child identity theft

    Stranger Danger: Protecting Your Children from Identity Theft

    June 9, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result