Is EMV solving the fraud problem?
Short answer: No.
But, to be fair, EMV is not designed to solve the entire fraud problem — rather, it addresses one piece of the puzzle, namely counterfeit card fraud. While the U.S. conversion to EMV is not yet complete, Mercator Advisory Group is tracking its progress:
- 84 percent of U.S. general purpose credit cards will have EMV chips by the end of 2016.
- 3 in 5 American adults now own at least one EMV chip card.
- EMV card conversion is projected to be complete by the end of 2018.
- Nearly 50 percent of in-store credit card transactions will be “chip on chip” this year.
While more and more cardholders are using EMV at the point of sale, merchant adoption is still spotty. “Delays in the certification and activation of merchants’ point-of-sale terminals has introduced a significant lag between the distribution of EMV-capable terminals and the enablement of those terminals,” says the Mercator report “EMV in 2016: Breaking through the Bottleneck.” This state of affairs has consumers and merchants frustrated, even as EMV moves forward.
Other Types of Fraud Surge
Meanwhile, other types of fraud seem to be having a heyday. FICO reports that ATM skimming rose 546 percent between 2014 and 2015 – in large measure because EMV at the ATM has been slower to roll out.
“As long as mag stripes are still being used, there’s still an opportunity for criminals to monetize card-skimmed information.,” says CO-OP Fraud Specialist John Buzzard. “Eventually, chip-and-PIN with be the standard, but in the meantime I call this compression.” As long as magnetic stripes are in widespread use, there will be a market for them among fraudsters.
If you’ve noticed that we’re no longer getting weekly reports about giant retailer data breaches, don’t be fooled. According to Buzzard, there’s a massive amount of stolen data out there on the dark market. Criminals may now be focusing on “filling in the blanks” with stolen Social Security numbers and other personal data taken from healthcare or government files. Between the robust availability of stolen data and the rise of account takeover fraud, sophisticated spoofing scams, and creative work in social engineering, fraud as a whole is not on the decline. If anything, it’s enjoying a renaissance.
What does this mean for card issuers?
- Proceed with EMV. Whatever hiccups may be occurring as this new technology takes hold, converting to EMV is not optional; it’s mandatory. If going with the flow isn’t reason enough for you, consider the alternative. Sticking to mag stripes could make your cards conspicuous targets for fraud.
- “Tokenization is easy, and it’s a quick way to provide an encrypted transaction,” Buzzard says. Adding tokenization also gets you in the game with digital wallets like Apple Pay, Android Pay and Samsung
- Turn up fraud detection and analytics. Fighting fraud has become a multi-pronged process. Fraud detection, fraud forensics, and predictive analytics play a critical role. You never know where or how fraud will turn up these days. That makes these fundamental tools more important than ever.
- Enlist your members’ help. Empowering members with the information and tools they need to monitor their accounts, approve or decline transactions, turn cards on and off, and participate in their own security might be the single biggest gain you can make in your battle against fraud.
- Expect more innovation in the fraud space – both from fraudsters and financial institutions. While EMV adoption marks a major milestone in U.S. fraud fighting, this war is not ending any time soon. Choose your weapons and stay vigilant.
See how credit unions can stay ahead of mobile payment security challenges with innovative card controls, alerts and more. Download our Security eBook to learn about the measures you can offer members.