EMV Could Push Scammers Into Other Types of Credit Fraud
The move to EMV-equipped credit cards, which require users to enter a PIN at the point of sale, could prevent many types of credit card breaches, but experts say it will not do away with all fraud. In countries that have switched to an EMV-based payment system, almost all fraud has been eliminated when the credit card is physically present. However, for transactions in which the card is not presented, such as for online purchases, users must enter the card’s credit card verification number (CCV), which opens the transaction up to hackers. “I’m not convinced that the CCV works,” says Cleverbridge’s Tim Russo. He says some earlier versions of the CCV are captured on cards’ magnetic stripe, and that some merchants actually physically enter the CCV number in a transaction and store it in their records. This makes the information vulnerable to fraudulent use if the merchant’s computer records are hacked. Russo recommends that e-commerce providers take steps to confirm that a card being used for payment is legitimate, such as by checking if a purchaser is actually located where they say they are and whether the expiration date or CCV number match.
[divide]From “EMV Chip Adoption Will Push Scammers Into Other Types of Credit Fraud”
eWeek (02/12/14) Rash, Wayne