This article and TV news report on ClickonDetroit examines ever so lightly the difference in opinion that exists between card issuers and merchants regarding the importance of identifying the consumer using the card either by asking for a signature or a PIN:
‘ “I think everybody’s on the same page (with) wanting to make transactions more secure,” said Alan Bergstrom, senior vice president and chief marketing officer at Community Choice Credit Union in Farmington Hills.
Bergstrom said his company is going full-speed ahead with the switch to chip credit cards. He said he expects the changeover for credit cards should be done by the end of September.
The timing is critical, because starting in October there’s a shift in liability for credit card fraud. Currently, financial institutions absorb the cost of bogus transactions. In October, that responsibility will fall to whichever institution hasn’t upgraded security.
“If a retailer doesn’t have the proper reader to process that chip transaction, then the liability will be on the retailer,” Bergstrom said.
To PIN or not to PIN?
While Bergstrom said everyone is on the same page, others disagree, including the Retail Industry Leaders Association.
“I would say the card networks and the banks aren’t going far enough,” said Brian Dodge, the executive vice president at RILA.
That’s because right now, the plans for October call for a “Chip and Sign” process. That means customers will not have to use a PIN at the terminal to complete the transaction. They can just sign their name, as they do now, with the swipe cards.
“We’ve seen the benefits of chip and pin together in Europe, where fraud has come down substantially,” said Dodge.
He believes the best security available involves the “Chip and PIN” system.
“The fact is this technology is not new,” Dodge said. “It’s not imaginary. The fact that it’s not here in the United States is puzzling. (It) should be frustrating for all cardholders.” ‘
The February 2013 Mercator Advisory Group Note “The Cost of EMV and the Credit Card Issuer Investment Decision” evaluates how effectively EMV will prevent the eight primary credit card fraud mechanisms and finds the cost are likely to far exceed savings based on fraud prevention.
If we assume all merchants support EMV transactions and all cards are EMV compliant, then just the presence of the EMV chip eliminates counterfeit card fraud at merchant locations which is the largest dollar volume of card fraud (8.4%). Using PIN as the cardholder verification method will reduce the misuse of stolen cards, but this is a much smaller component of fraud volume (3.9%). Of course Chip vs. Signature is irrelevant to online purchases where other mechanisms are required to perform cardholder verification.
But this argument will likely be recognized as a Tempest in a Teapot as merchants and issuers alike explore the use of cloud services that utilize mobile device information to augment existing cardholder verification methods. These new methods are applicable to at least five of the eight fraud vectors Mercator has identified, representing 43.8% of identified credit card fraud. So in the short term these cloud services will dramatically change the Signature vs. PIN argument and in the long term will almost certainly make the issue mute.
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group
Read the full story