emv credit card chips: no silver bullet, but a significant step forward in fraud reduction
This is the season for joy.
Only two years ago, during the holiday season, Target\'s notorious data breach put about 40 million credit card numbers at risk for hacking --of-
Skimming the sales system of the credit voucher.
As a result, millions of credit cards were reissued.
Target is not alone, of course, because it violates many other national brands, such as Goodwill, TJ Max, Kmart, Neiman Marcus, Staples way, Hilton, and others have committed violations when publishing credit card data.
These violations resulted in a waste of time and money because millions of people issued new credit cards and they took the time to look for fraudulent activities and follow up.
It is worth considering how technology can adapt to providing safer transactions in the hope of improving the future.
For most people, the most obvious change is the implementation of the chip. and-
Signing technology in the United StatesS.
Many of the new credit cards issued in the past year or two contain a lot of gold --
Color sheet metal. This chip (
Often called \"EMV\" chip)
It\'s actually a minor tampering.
A resistant microprocessor with some private storage, used to protect transactions, and provides more secure features than small magnetic strips on the back of traditional credit cards.
The chip adds a small computer to the credit card, allowing it to interact with the credit system using a secure encryption protocol, similar to the protocol used to protect Internet transactions.
The chip can even be reprogrammed at one point. of-
Sales terminals modify their susceptibility to real fraudtime.
For example, they can be canceled, or there is a limit on the size of the transaction on the card.
In contrast, traditional magnetic strips can contain only static information and are very easy to read, copy, and forge.
So how do these new chips reduce fraud?
The system works on several levels.
First, all digital information stored on the card is digitally signed by the issuer.
The digital signature is not a scan signature signed by the consumer on the digital pad, but an encryption protocol that allows the signatory to sign the information so that the verifier knows who signed it and the information signed has not been modified.
However, the EMV chip is not just sending the card number for the purpose of making a transaction. The point-of-
The sales terminal generates information specific to the transaction, and the card itself digitally signs the transaction-
This prevents the transaction from being replayed and ensures that the card is present in the transaction.
As we all know, the card exists in the form of tampering
The resistance private memory of the chip contains content called a signature key, and only those who have access to the key can sign on behalf of the card.
Secondly, many fraud prevention features can be programmed directly to the card, either at issue or at the next insertion pointof-
The sales terminal of the transaction.
For example, an EMV card can be programmed to prevent the card from being used in foreign transactions, or to allow only offline transactions below a certain value, or to disable cards reported missing completely.
In the next transaction performed by the card, these functions can be programmed in near real time.
One might wonder why EMV cards cannot simply encrypt all the information and send that data to the issuer.
Here are a few questions.
First of all, some transactions always need to be offline, and some public credit card numbers seem necessary in this case.
Secondly, it may be more important that many merchants and intermediaries need these numbers to track customer purchases, achieve easy return on purchase, route purchase data through payment networks, and other practical features.
While encryption seems to be a simple solution, it creates many practical problems.
A recently launched solution called \"token\" uses \"spare\" credit card numbers for different merchants, locations, and even transactions.
This allows merchants to store all your transactions under a unique fake credit card number, but this number is of no value to other merchants, because your card will generate different fake credit card numbers for other merchants.
As a result, merchants can use a fake credit card number for returns and tracking purchases, while obtaining security that violates their fake credit card numbers without causing global losses.
Also, after a violation occurs, everyone\'s credit card can be programmed to update their fake credit card number, which makes them have no future value.
Of course, both credit cards and banks need to be able to map the actual credit card number back and forth to the appropriate fake credit card number
To manage the account correctly, the card number.
This is done safely on the chip and in the issuer\'s Security handling facilities.
A number of \"new technologies\" including wireless near-field communication \"(NFC)
Technologies such as Apple Pay, Android Pay and Samsung Pay that support credit cards and smartphones are very similar becauseof-
Unlike smartphones that embed credit cards, sales terminals are talking to the microprocessor.
The mechanism of communication is now at a low level. power, near-
Distance radio transmission relative to physical contact with the chip reader.
All of these technologies are running the EMV protocol, which is why ApplePay, Android Pay and Samsung Pay are able to launch their services to so many merchants without any difficulty.
EMV technology is not a panacea for all problems.
For backwards compatibility, although this will change over time, most merchants still accept traditional magnetic swipes.
More importantly, EMV is currently useless for online purchases (
There may not be an EMV reader on your personal computing device).
As a result, stolen credit card certificates will continue to exist in the market in the near future.
However, it does provide a lot of features to reduce fraud and offers more payment options for consumers.
Some food worth thinking about when you care for a holiday shopping hangover.