By Reid Goldsborough
you have a credit card, you've already received - or soon will - a
spanking-new one with a highfalutin computer chip embedded in the front.
Such chips are designed to reduce credit card fraud, though they won't
Beginning Oct. 1, 2015, by law, retailers are
required to use credit card readers that check the chips of such cards,
or they will have to accept liability if someone counterfeits your card.
Until now, the bank issuing the credit card was liable.
before, consumers still won't be liable in most cases for credit card
fraud. If your physical card is stolen, federal law limits you to $50 as
long as you report the fraud within 60 days of receiving your
statement, though credit card companies typically waive this. If your
information alone is stolen, you have zero liability.
already might have used the "smart" part of your "smart credit card,"
also called a "chip card" or an "EMV card." EMV stands for Europay,
MasterCard, and Visa, the three companies that created the technology.
Among big retailers, Wal-Mart has been at the vanguard in taking
advantage of these cards. Target and Home Depot have done so for some
time as well.
Other large retailers, including Lowe's and Best
Buy, also have stepped up. Small retailers, however, are moving more
slowly. According to the consulting firm Mercator Advising Group, only
19 percent of all merchants will have invested in new credit card
terminals by Jan. 1.
These smart cards might help reduce fraud,
but this comes with a price. Using the card is slightly less convenient.
Instead of quickly swiping the card through a credit card reader, you
have to insert it, the right way, until the transaction is over. Experts
estimate this takes about an extra five seconds.
The new cards
work by producing a unique code for each transaction. Counterfeited
credit cards are virtually useless since the code changes each time the
card is used.
Most credit card fraud losses results from
counterfeiting - $3 billion out of a total of $3.8 billion in the U.S.
last year, according to the consulting firm Alite Group.
sometimes make counterfeit credit cards by stealing information stored
on your credit card's magnetic strip with the help of credit card
skimmers they install in places such as ATMs and gas pumps. The magnetic
strip holds your account number, the expiration date, and the security
code on the back (CVV, for card verification value). Other times, they
steal the same information by hacking into merchant databases. They then
use machinery to manufacture the physical credit cards.
crooks use the bogus card a few times, initially for a small test
purchase, then for big purchases, until they abandon it and move on to
the next one.
The new chip-embedded cards still have a magnetic
strip, also called a magnetic stripe or magstripe, on their back. You
can thus use them with retailers that haven't upgraded their equipment.
Retailers aren't required to do this, but many that don't will likely
find lollygagging more costly, in terms of fraud losses, than if they
had done so earlier. Big-ticket merchants such as jewelry shops and
electronics stores are more vulnerable than lower-value merchants such
as delis and coffee shops.
Other countries such as Canada,
Australia, and Brazil have been using smart cards for some time. With
these countries, it took two to three years before most retailers
invested in the new technology. The Payments Security Task Force of the
Federal Reserve System estimates that 60 percent of credit cards from
top issuers in the U.S. will be converted to smart cards by the end of
2015, rising to 98 percent by the end of 2017.
The new cards are
a step in the right direction. But many observers feel the smart new
credit cards aren't smart enough. For transactions above a certain
limit, they still require only a signature, which is virtually useless.
The new cards provide no extra protection for online purchases or
against the physical theft of a credit card.
A more secure
option, which some countries in Europe and Africa have adopted, is to
require punching in a PIN, or personal identification number, as you do
when making a debit card purchase. This would prevent the use of stolen
credit cards or credit card information that's stolen online. But it
would be less convenient still, requiring even more time to complete a
purchase, not to mention the possibility of forgetting your PIN.