2014 seemed to be the year of big data breaches in the United States. Hacks at four major retailers — Home Depot, Michaels Stores, Neiman Marcus, and Target — compromised the payment-card data of more than 130 million customers. Breaches like these left consumers vulnerable to fraud and identity crimes.
As of Dec. 23, there had been 761 data breaches in 2014, resulting in more than 83 million exposed records, according to the Identity Theft Resource Center, which tracks confirmed data breaches. Nearly one-third of those breaches were business (including retail) related.
So it’s no wonder that talk of smart credit cards has become more prevalent. For months, you’ve heard about the “innovative” and “advanced” security upgrades credit cards are getting. For most of us, this upgrade is just a fantasy, as our wallets still store tattered magnetic-strip cards with our signatures (sometimes) scratched on the back.
But come October 2015, the liability shift deadline will hit, and you will stop swiping credit cards. By then, every U.S. cardholder will be using the more secure smart credit card — a type of EMV card, which stands for Europay, MasterCard and Visa, the card brands that founded the new technology.
EMV cards have been the standard across Canada, Europe, and other parts of the world for years, and the technology is slowly making its way to the United States, the last major market still using swipe-and-sign credit cards.
Unlike traditional swipe-and-sign credit cards, EMV cards are embedded with microprocessor chips that assign a unique code to each purchase. To authorize the purchase, the consumer must enter their valid personal identification number (PIN), which is designed to replace their signature at checkout.
These specific EMV cards, commonly known as chip-and-PIN cards, transmit this data in a dynamic way that’s only viable for a single purchase, thus harder to counterfeit because the unique chip data and PIN are both required to complete a transaction at a compatible terminal.
Other countries have found success with the chip-and-PIN technology. For example, since the widespread implementation of chip-and-PIN cards in 2004, payment fraud has declined drastically in the United Kingdom. From 2004 to 2010, transaction fraud at retailers plummeted by 69% in the UK, according to data by the UK Payments Administration.
EMV co-founder MasterCard says we’re well on our way to safer transactions and fewer security breaches: Approximately 100 million chip cards are currently in circulation in the U.S. But that doesn’t mean the cards are being used properly.
Despite the advancements, most U.S. retailers aren’t equipped to handle the new chip cards. Experts project it’ll cost anywhere from $1.4 billion to $3 billion to replace current cards, and from $2.5 billion to $6.75 billion to replace the payment terminals. Thus, most merchants and banks aren’t racing toward the October 2015 finish line. But some retailers, such as Wal-Mart, are installing the new chip-enabled payment terminals.
In fact, over the last year, only 0.03% of card transactions originated from chip-enabled payment terminals, according to EMVCo, which oversees the EMV payment technology. So some experts and banking institutions say there’s no sense in using the new chip cards at this point, as they provide the best protection when used at chip-enabled terminals, which are currently hard to find in the U.S.
However, if you shop at a handful of domestic retailers who have chip-enabled terminals (or if you’re traveling overseas), there are ways to get your own chip-and-PIN credit card today.
Credit card issuers will distribute new cards to current cardholders when available. If your old card expires, is damaged, or lost, you may request a new card ahead of schedule. If you have your valid card, you may still your credit card company to request one.
Just be aware that, depending on the institution, there may be a fee for requesting a replacement before you need one. Cardholders should receive the new chip cards in the mail.