PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

New Security Flaw in Credit Card Chip System Revealed

By Sarah Grotta
August 9, 2016
in Analysts Coverage
0
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

A story that is getting broad attention in industry publications as well as the popular press suggests that EMV chip cards that still sport a magnetic stripe on the back are easily hacked and open to counterfeit fraud. If true, this is not welcome news as issuers and merchants are spending $7 to $8 Billion to reissue cards and upgrade terminals. It appears that there is a little more hyperbole to this story and the payment system is more secure than reports might have readers believe.

As reported by CNN, researchers at NCR presented their finding regarding weaknesses in EMV chip last week at the Black Hat conference:

Computer security researchers at the payment technology company NCR demonstrated how credit card thieves can rewrite the magnetic stripe code to make it appear like a chipless card again. This allows them to keep counterfeiting — just like they did before the nationwide switch to chip cards.

This claim of a glaring hole in EMV, the chip-based system, is possible because of the way many retailers are upgrading their payment machines: They’re not encrypting the transaction.

This suggests that the magnetic stripe can be hacked so the code which tells the terminal that the card is in fact an EMV chip card fools the terminal into thinking it’s an old fashioned magnetic strip only card. This allows fraudsters to create counterfeit cards just as they did prior to the issuance of EMV cards.

Although the magnetic strip may be compromised, it doesn’t meant that the transaction will be successful. Once the authorization request gets to the issuer processor, the processor will know that the card is an EMV chip card at an EMV capable terminal and should have been processed as an EMV transaction. The transaction will be declined at the processor.

It would be much easier for fraudsters to steal magnetic stripe card data from cards that have yet to migrate to EMV and use them at merchants who have not updated their terminals. There are plenty of both still available.

Overview by Sarah Grotta, Director, Debit Advisory Service at Mercator Advisory Group

Read the full story here

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    Making Real-Time Payments a Reality

    Fulfilling the Promise: Making Real-Time Payments a Reality

    July 10, 2025
    mortgage

    The Rich Benefits of In-House Payment Systems

    July 9, 2025
    digital cards

    Beyond Plastic: Why Digital Cards Are the Future

    July 8, 2025
    What Premium Card Overhauls by Chase and Amex Reveal About the Credit Card Market

    What Premium Card Overhauls by Chase and Amex Reveal About the Credit Card Market

    July 7, 2025
    Rewire Acquires Imagen, Looking at Prepaid Cards for Migrant Workers

    Smells Like Team Spirit: What Makes Cobranded Credit Cards Work

    July 3, 2025
    uk banking outages

    New Continuous Strategies for Battling Account Takeovers

    July 2, 2025
    Fraud Monitoring

    What to Expect When Nacha’s Fraud Monitoring Rules Take Effect

    July 1, 2025
    payments

    Don’t Just React to What’s Next in Payments—Anticipate It

    June 30, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result