While the new cashless, mobile economy gives consumers more opportunities to shop and pay, it also creates more channels for fraudsters to attack. While EMV chip technology has successfully decreased in-store fraud, it has driven fraudsters to shift focus. Today, most fraud is committed online and via mobile apps where thousands of transactions can be made quickly, and criminals can hide behind computers.
In the past, the typical fraudster was an individual working alone. Today, fraud is big business. Cybercriminals wear business suits, work in real offices, keep regular hours, and openly market their products and services.
While there are still criminals stealing purses on the street and using stolen cards, the real problem is the organized groups who collaborate and use technology to commit fraud on a large scale. As a result, a single act of fraud can have a devastating impact.
Cybercriminals acquire sensitive data and card information by finding vulnerabilities in computer programs. They launch attacks on both individual computers and large systems, gathering information and linking personal data to card numbers.
Then, they bundle the offerings for sale on the dark web. Since these operations are often headquartered overseas, out of the reach of U.S. authorities, they’re difficult to shut down.
Everyone plays a role in ensuring the security of transactions.
The Impact of EMV ChipsTo enhance the security of card payments, Europay, Mastercard and Visa (EMV) joined forces to introduce EMV technology in 2004.1 They later combined with other card networks to form EMVCo, which now oversees EMV compliance.
The benefit of EMV chips is that they store customer data on integrated circuits which generate a unique code for each transaction that is never stored or used again. Before EMV, card data was only stored on the magnetic strip on the back of the card, which made it easy for fraudsters to counterfeit cards.
1 “EMV Roots Go Deep in Europe,” Bank Information Security, 7 March 2011
2 “Can Credit Card Security Codes Sufficiently Protect Against Fraud?” Chargebacks911, 23 August 2018
3 “The History of the PCI DSS Standard: A Visual Timeline,” TechTarget, November 2013