jsucool76 wrote:

yfan wrote:

kdm31091 wrote:

Thanks for making it much more clear than I did, yfan. I wasn't really aware that chip+pin was not more secure; I just assumed it was, but you're right, it's certainly debateable.

Right, for now I'm just saying that the security element for the card itself lies in the chip, not in the user verification method.

Unfortunately, the chip seems fairly useless until the magnetic strip is removed from the card. As long as it's still there, the info can still be taken. 

Actually, in many Asia countries i visit, the machine has a side port for reading magnetic strip, and a front port for reading the chip, so its seperate. And many machine in Europe process chip only. 

---

@Anonymous wrote:

---

@kdm31091 wrote:

I'm sorry because I think I was one of the ones who said a chip encrypts the data -- I'm mistaken. Admittedly, I don't know too much about it because I've never used it (no one even has it turned on in the US that I've seen). 

 

What I do know is that it's going to be more secure than our current swipe system. Then there's the Apple Pay thing that some people are using, which could possibly be secure too but anything can be hacked and I'm not putting my CC info into a smartphone. Anyway, I think physical cards aren't disappearing anytime soon, so it's good that we are moving to  chip.

---

I have a theory about how the US will never really adopt contactless as much as other Western countries that I should post at some point. It mostly boils down to how our payment environment is effectively chip/swipe and signature nothing.

---

I don't see us adopting contactless 100% for many, many, many years. People are proclaiming how succesful Apple Pay is and how it is the future of mobile payments. That may be true, but that doesn't extend  to mean that mobile payments are going to become the dominant thing for a very long time. Plenty of people don't have/want smartphones, or don't want to pay with a smartphone. I'm not plugging my card info into a smartphone. What if your phone dies? what if you drop it and it breaks when you are trying to pay? It sounds ridiciulous but the things are fragile after all. I'm not sold on mobile payments, and will continue to use physical cards as long as I can.

I think having a wallet with cards in it is far too engrained in our culture and society to disappear because of a phone app, at least not for many years.

Also worth noting is that the liability shift will be implemented this year. So any merchant that doesnt have "EMV-compliant terminals will bear the responsibility of any fraudulent magstripe transactions they accept" 

---

@bigbang91 wrote:

 

Also worth noting is that the liability shift will be implemented this year. So any merchant that doesnt have "EMV-compliant terminals will bear the responsibility of any fraudulent magstripe transactions they accept" 

---

Yes, but your card will have a magstripe on it, still. The info could still be skimmed, and used for online purchases/phone purchases. 

And how many small businesses will actually understand the liability shift? How many employees in businesses across the country will have a card not work, because it is cloned, and then simply manually key in the number, overriding the card terminal? If they have an EMV compliant terminal, but are simply trying to help out a person who they believe to be an honest customer, who does that liability fall on? 

Until the magstripe is completely removed off of all cards, the EMV chip means nothing. 

---

@LS2982 wrote:
If one has a stolen credit card with a chip all they have to do is sign and its good. I think the PIN option is the way to go personally.

---

Oh, LS. Didn't see you there. 

Glad to see you're still alive and kickin xD 

And yes, pin would prob be better. Still useless if the magstripe is on the card though. 

#DownWithMagStripes

---

@jsucool76 wrote:

---

@bigbang91 wrote:

 

Also worth noting is that the liability shift will be implemented this year. So any merchant that doesnt have "EMV-compliant terminals will bear the responsibility of any fraudulent magstripe transactions they accept" 

---

Yes, but your card will have a magstripe on it, still. The info could still be skimmed, and used for online purchases/phone purchases. 

 

And how many small businesses will actually understand the liability shift? How many employees in businesses across the country will have a card not work, because it is cloned, and then simply manually key in the number, overriding the card terminal? If they have an EMV compliant terminal, but are simply trying to help out a person who they believe to be an honest customer, who does that liability fall on? 

 

Until the magstripe is completely removed off of all cards, the EMV chip means nothing. 

---

I believe that will lie with the company that provide the machine to inform all businesses of the changes. And i dont think the chip is cloned, cause if it is its pretty much same as magstripe. Thus as far as i know, online shopping/phone   ask for zipcode, address... To complete. Does that information store on the magstripe as well? I know its not perfect, but it helps. The proof is Europe, they did not suffer major high profile theft like in the US. If a continent can implement the EMV chip successfully, why cant we!