Security of EMV Chips & Mobile Payments: Always Have Your Guard Up

by Lance Eliot 0

Are your retail operations secure in the use of the EMV chip credit cards and also in mobile payments?

Besides the potential loss to your business if you suffer a security breach, the latest Retail Perceptions survey from Interactions revealed that 39 percent of shoppers say that they will spend less than before at retailers who have experienced a security breach.

And, the survey showed that 69 percent of shoppers say that they won’t sign-up for a store credit card once there’s been a breach at the retailer, and likewise about 56 percent say that would not be willing to sign-up for a loyalty card after there’s been a breach.

In other words, a security breach will hurt when it happens — and it will have a long lasting impact as shoppers opt to avoid spending quite so readily at your store.

Some retailers falsely think that if they are using EMV chip credit cards that they have eliminated any chance of security breaches at the register since the EMV approach is stronger than conventional credit cards.

The EMV chips do improve security, but there are still lots of holes, including:

— Since the U.S. isn’t requiring a PIN, pretty much anybody can use an EMV chip card, whether it might possibly be a lost card or a stolen card

— The magnetic stripe on the EMV chip credit card is still vulnerable to being read by malware

— Stores allowing both the dip-the-chip and the swipe method often lazily allow their staff to choose which way to go, and the staff frequently steer shoppers to the traditional swipe method since it is more familiar to shoppers.

Ironically, whereas store staff might be angling shoppers away from the chip, Retail Perceptions found that 71 percent of shoppers indicate that using a chip makes them feel more secure when shopping. If your staff are steering those savvy shoppers away from using the chip, it can create tremendous confusion for shoppers and make them think twice about shopping at your establishment.

In fact, shoppers are already wary about whether retailers are really doing what is necessary to help protect their information.

Nearly half of shoppers (43 percent) don’t trust companies to keep their personal information safe.

Furthermore, about a third of shoppers (30 percent) doubt that companies are investing enough in security measures.

All of this distrust by shoppers is a sign that retailers are potentially going to lose the goose that laid the golden egg by not taking the appropriate system security precautions put in place.

Even the rise of mobile payments is not a panacea to solve the security payment issues.

With mobile phones there is the chance of malware being on the phone itself, or of a crook grabbing the phone and cloning it.

The one good sign for retailers is that at least shoppers are aware that security breaches are a cat and mouse game with the cyber-crooks, and that it is hard for retailers to continually stay ahead of the criminals.

Nearly two-thirds of shoppers (64 percent) reluctantly say that they “accept” that security breaches are now a part of the shopping process. This acceptance does not mean that they are happy about it, but just that they realize the tough problem of trying to make the shopping experience secure.

Retailers would be wise to audit their security mechanisms and see where there are gaps that need to be filled. The gaps are not only about the technology, but also about the proper processes and training of staff to make sure that system security is job number one.