Skeptics Question The Looming $11B Upgrade To Payment Card Security
Payments Insider is delivered first thing every morning exclusively to BI Intelligence members.
ANALYSTS AND PAYMENTS EXECUTIVES EXPRESS SKEPTICISM ABOUT EMV: The migration to EMV in the United States is picking up steam. In recent weeks, Target and Wells Fargo announced new or accelerated rollouts of the payment card security standard, which puts a microchip on credit cards to make them more secure. VeriFone, the dominant U.S. payment terminal provider, has said that 70% of its domestic shipments are now EMV-compatible.
But as the costs of migration - estimated to run at least $11 billion - mount, some payment and security experts are expressing doubts. "Merchants are going to suffer," says Rob Nathan, chief technical officer of payment processor CardConnect. "It's going to cost a lot of people a lot of money." Retailers have until October of 2015 to switch to EMV. After that, those who don't complete the switch will bear more of the liability for fraudulent transactions. The problem, say experts like Nathan, is that EMV solves a narrow security issue: card cloning. It's relatively easy to use stolen credit card information to create "clones," fraudulent magnetic stripe credit cards that can be used to make purchases. EMV cards, in contrast, are not easily cloned.
EMV would not have prevented the Target data breach. That breach was accomplished by hacking into the network on which Target's payment terminals were running, not by exploiting a vulnerability in the cards themselves. That said, if the EMV standard was widespread, the stolen data would have been more difficult to use in card-cloning schemes, because fewer merchants would accept the old mag-stripe cards.
There's one clear risk from the transition to EMV: fraudulent activity switches online, to "card-not-present" e-commerce transactions, where stolen information can be used without having to present a card. In the U.K., where like much of Europe and Asia EMV is standard, online credit card card fraud shot up dramatically after EMV technology was rolled out. "EMV is not alone a solution to everything," says Xavier Giandominici, director of FIME America, a consultancy that advises on the migration. "There is a lot of education [needed] on what EMV is bringing in terms of security and international interoperability, and ... other challenges."
MORE TROUBLE ON BITCOIN FOUNDATION BOARD: On Friday, entrepreneur and former actor Brock Pierce was elected to the board of the Bitcoin Foundation, a group seeking to promote and standardize Bitcoin's use. In response to Pierce's election, three board members - Patrick Alexander, Olivier Janssen, and Pierre Rochard - resigned in protest. They pointed to past lawsuits linking Pierce to sexual abuse and fraud, allegations Pierce denies. There's also new scrutiny on Pierce because of his links to X-Men director Bryan Singer, who has recently been sued for the alleged sexual abuse of an underage man - allegations Singer denies (Pierce, who was 17 at the time, lived in the same Encino, California mansion where some of the alleged crimes took place, but is not named in the suit or accused of any crimes). Two former Bitcoin Foundation board members have also been the focus of recent scandals: Mt. Gox CEO Mark Karpeles stepped down in the wake of the exchange's collapse, and Charlie Shrem stands charged with money laundering.
SHOPEKEEP CEO ON TAKING THE REGISTER INTO THE CLOUD: Recently, we sat down with Jason Richelson, CEO of cloud-based point-of-sale provider ShopKeep. He spoke about the New York-based start-up's latest funding round and the future of cloud-based software for retailers.
On the evolution of payments: Back in the Internet world of 1999, Ericsson came out with some method that you could pay for a Coca-Cola from your mobile phone and have it pop out of the Coke machine. That was the '90s. We still don't do that today.
On the benefits of card payments: There's a whole bunch of downsides to cash and a whole bunch of upsides to cards that retailers don't think about because they get fixated on the fee they're getting charged.
Here's what else BI Intelligence members are reading...