For both in-store and online retailers, there is a race going on to redefine the future of payments and your wallet. With another major retailer, Home Depot, announcing a massive security breach that compromised up to 56 million payment cards, it is clear that the safety of traditional payment systems continues to be in question. How safe is your personal information and how will these new payment methods improve security?
Between credit and debit card transactions, $12 billion dollars changes hands everyday in the US. This represents around 200 million transitions, of which almost all card-present transactions are done through the magnetic strip. By today’s standards magnetic stripe cards are dinosaurs. Originally developed in 1969, the technology achieved mass production in 1971. Since that time very little has changed with them or about how we conduct transactions.
The shortcomings of the antiquated technology haven’t gone unnoticed by thieves and hackers. The US is the last major country still using magnetic stripes and thieves from around the world have been shifting their focus to our credit card system. The US is the only country where payment-card fraud is consistently rising, accounting for nearly 50% of worldwide losses due to fraudulent payment. Between installing devices to intercept the data as it travels to the register, utilizing skimmers, and hacking into payment terminals, criminals are able to capture your name, card number, expiration date, and security code. Over the past year major retailers such as Target, Michaels, and Neiman Marcus have all faced large scale theft of customer data.
Starting in October of 2015, all US payment terminals need to be able accept credit cards equipped with an EVM chip. Merchants that do not will be responsible for fraudulent charges and by that point all major credit cards will have been reissued with the EVM chip. Instead of swiping your card, you will insert it into a slot for the chip to be read. Currently the implementation of the technology will be a “chip and signature” approach which does not require a security PIN to be entered by the card holder for every transaction. The new technology supposedly is much more difficult to hack and to duplicate. While not as secure as the “chip-and-PIN” method, it is a massive step forward from the magnetic stripe technology currently used.
When the payment terminals are updated, chances are retailers will acquire a unit that also accepts contactless payment. Google, Apple, and even the cell phone companies all offer a form of NFC based payments. While the technology has seen limited traction thus far, the industry’s belief is that once Apple launches their version next month that it will begin to become mainstream. A tokenized implementation of a contactless payment system is the most secure way currently to use a credit or debit card at a point-of-sale terminal. Neither the credit card information nor your personal information are exchanged during the transaction, instead a virtual key is used to create and communicate one-time-use dummy information. This allows for payments to be made while allowing no opportunity for your information to get stolen.
As point-of-sale payment systems advance, the thieves / hackers are going to turn their attention to the next easiest target, online purchasing. Between hacking into accounts and databases, thieves are able to access your stored credit card and personal information. Just last month, a group of Russian hackers claimed to have stolen 1.2 billion internet credentials. PayPal is focused on trying to make transactions online safer. The company offers the ability for an online store to accept payments via PayPal. The entire purchase is done through PayPal’s servers without the online store ever having access to your credit card. Amazon and Google both offer similar services. In a bid to compete, Apple has announced a similar online payment effort, except for the end user it will work the same as a contactless payment. Simply purchase from a site that accepts Apple Pay, scan your finger print, and your payment is processed without the vendor seeing your information.
Payment methods are a competitive market as companies vie for a share of your wallet and the transaction. With the impending changes, it is no longer a question of whether consumers will have change their behavior from simply swiping a card, the question is what new behavior will consumers favor.
