Remember the hullabaloo when banks and card companies made the switch from magnetic strip credit cards to chip credit cards after a bunch of consumer data was stolen? I do. My mother was terrified for MONTHS that her identity was stolen and she would have to move to Belize. It took a long time to get her over that fear, and even longer for her to use her credit cards again. Now, if you didn’t have an overdramatic mother or need a refresher on the chip cards, check out this article from Forbes for a quick recap on the whole transition.
Basically, chip credit cards are a lot more difficult to counterfeit, which was one of the benefits proffered by supporters. By using the chip technology along with requiring a personal PIN number, many believed the new cards would be exponentially more secure. The thought that a thief could take your card but not use it without magically knowing your PIN number was a relief to a lot of people. However, not every establishment requires a PIN number to be used. You can still insert your chip card and opt for the credit option, which only requires a signature. And we all know those are never accurate or properly vetted. (I’ve signed everything from a triangle to squiggles to random words just to see if any alarms were ever triggered… the answer to that is a hard NO.)
Unfortunately, once you get past the fancy chip part, nothing new is really happening. And with every new advancement comes villainy. A new fraud scheme called ‘shimming’ is targeting our chip credit cards. Thieves who target chip credit cards insert a paper-thin device inside a chip card reader on a credit card terminal. Then, when the credit card is inserted into that slot, the device (appropriately called a “shim”) captures the card information by reading the chip and storing the data.
Although such a delicate scam is not a widespread issue yet, it is something keep in mind as a consumer and it serves as a reminder for credit card holders to monitor fraudulent purchases on their statements. Don’t be that person who blindly pays their bills without looking at the charges! Nothing is ever bulletproof, and with new technology, criminals find new holes to exploit.
To combat ‘shimming’ and boost security, MasterCard is planning to introduce a variation of credit cards that use fingerprint identification to produce secure point-of-sale transactions. In this innovative move, the card holder’s fingerprint, which will be stored on the card’s EMV chip using a fingerprint reader embedded on the card, will be needed before a transaction can go through. So unless criminals find ways to steal fingerprints AND the associated credit cards, MasterCard could be on to something extremely secure and simple. And maybe it would speed up the process so we all aren’t waiting in line at Target for hours, am I right?
So how does a biometric card work? The chip validates the user’s identity by matching the fingerprint to the stored pattern. The change process is simple for merchants, as those with a chip reader don’t need to invest in a separate fingerprint reader. Theoretically speaking, this biometric card improves security compared with chip-and-PIN, and a fingerprint card is significantly more secure than a chip card that needs only a triangle or squiggle signature.
The biometric card is currently in a trial phase but with fingerprint technology so widely accepted with the introduction of the biometric readers on smartphones, it could come around much sooner than expected.