Why is Chip & Pin More Secure? So Why Don’t They Use It In The USA?

3077_SPS_LOGO_AW_ELEMENTS

Ultimately chip & pin technology makes the PIN number that is associated with your credit card or debit card, which obviously has to be embedded in the card somewhere, harder to get at for the bad guys.  If they get the PIN, they can run riot with whatever cash you have in your account or have access to, it isn’t rocket science!

Once upon a time we in the UK used the magnetic stripe system, which was swiped to read all of the card data, and then we signed a piece of paper to verify that it was us.  But this was deemed to be not very secure because stealing data from a magnetic stripe is relatively straightforward, in the greater criminal scheme of things, according to most sources.  Apparently a simple MP3 player can read it, or the data can just be wiped and re-coded.

And if you add into that the length of time that it takes to “verify” a signature (and ultimately can anyone really be sure that it was you that signed it!?!), then there are simply too many variables which can leave those invaluable card details at risk of loss or compromise, or allow a transaction to be made when it is not even you in possession of the card.

So that was replaced by chip & pin, which keeps the PIN number in a highly secure and encrypted “environment” on the card (the chip itself).  But as always, devious minds have found ways around that too, most commonly by using ingeniously disguised devices attached to cash machines to clone cards and record PINs.  Plus if we are careless with how we type in a PIN and who we let see us do it, it really isn’t hard to remember a 4 digit number is it?

Although I still think that it has got to be more secure than the old magnetic card swipe option.

But that then really begs the question as to why our chums over the pond in the good old US of A don’t use it?  I would be interested to have any further insights on this, but the reading I have done suggests that it is largely a case of commercial inertia, as apparently the banks and card companies make more out of the less secure form of transaction processing, because they get away with charging more, because it is less secure, and therefore exposes them to more risk!  Surely they would save money in the end by reduced fraud?  Anyway I would very much appreciate thoughts and comments from people more learned and “in-the-know” than myself…

But what is certain is that even chip and pin is still open to potential compromise, as we all know.  So apparently if we now go to Poland or Japan it is just as likely that we will encounter a finger-sized scanner which our overseas counterparts will press Star-Trek style to have their fingerprints or blood-pressure read, or whatever, to uniquely identify them.  Interesting.

But this is expensive, a reader typically costs around £200, so the banks probably wont be rushing to adopt the technology I suspect, but it is an interesting development in the grander scheme of things, to try and make the credit and debit card transactions that we conduct every day that bit more safe and secure.

Secure Payment Solutions is an independent business committed to making debit and credit card transactions more secure for all.  We work primarily with merchants, reviewing their suppliers and processes, to ensure that by being secure and compliant, charges for processing transactions are minimised for merchants.