Chip and PIN - Another failure?
In recent history the Credit Card industry touted Chip and PIN as the ‘almost ultimate’ answer to credit card fraud. The embedded chips could not be reproduced and without the chip, the cards were useless. The industry pushed them hard in Europe, most notably in the UK.
Those of us that thought we knew better, responded by predicting that the Chip and PIN technology would drive the fraudsters out of the Brick and Mortar stores into the realm of on line stores and drive the on-line fraud rate higher. Not too surprisingly, they were wrong and we were right.
The fraud protection technology isn’t all that great. In fact, according to some reports the whole concept is in chaos. Another article about the same incident confirms the on-line merchant’s fear by saying that on line fraud increased from ˆÉ’ÄöˆÇ¬£151m in 2004 to 183m last year.Admittedly, a lot depends on who you believe. According to other reports, Card Present fraud has decreased since the roll-out of Chip and PIN in the UK but even these folks admitted that the decrease is less than expected and that, given some time, the bad guys will figure out how to clone the cards.
Then, only four days later, Lloyds-TSB “finally conceded” there are major flaws in the system.
Is Chip and PIN a failure? I think so.
Tell us what you think.
They had at least 3 problems to solve:
1) Card-present transactions on latest card terminals (ie: cash registers)
2) Card-present transactions on legacy (most) card terminals
3) Card-Not-Present transactions
Unless you plug up all 3 systems at the same time, you will only move fraud to other systems, rather than actually reducing it (assuming the technology actually works in the first place).
1/3 of a solution isn’t a solution. It’s hardly a finger in the dike.
May 21st, 2006 at 6:52 am