Skip to main content
close search
site logo
Dive Brief

NCR uncovers new security flaw in EMV chip cards

Published Aug. 4, 2016
By
Contributor
MasterCard

Dive Brief:

  • Transaction technology company NCR announced at a security conference that it has uncovered a way for the magnetic stripe code on an EMV chip card to be rewritten to bypass the security capabilities of the chip and enable incidents of counterfeit fraud to occur.
  • The U.S Payments Forum questioned the significance of the finding, saying that that backend systems would catch and reject the fraudelent transaction, even if the payments terminal in the store was fooled.
  • CNN Money reports that the security flaw can lead to fraudulent transactions mainly because many retailers don't use encryption capabilities in their payment terminals.

Dive Insight:

A new controversy is pretty much the last thing supporters of the EMV chip transition need right now, though this complaint actually connects back to the long-standing general complaint by retailers—that they are being forced to spend a lot of money on security measures that aren't completely secure.

It should be noted that EMV chip cards and terminals do make it much harder than it was before for thieves to compromise transactions and steal important data. Yet, by not requiring PIN-based authorization rather than signature authorization of purchases, the payment companies themselves have compromised their own efforts to soothe retailer and consumer concerns.

Still, NCR's finding shows that the card companies and retailers arguing about card security and transaction authorization methods may be missing an important point. These physical items and manual process eventually can and will be compromised one way or another. It's better to focus on the aspect that most needs to be protected—the transaction itself. And encrypting transaction data may be the best way to do that.

EMV cards and terminals may have left a door open for thieves, and this may not be the last open door that gets discovered. They also have left the door open for alternative payment methods that do employ advanced encryption methods. Thieves may benefit from this discovery, but Apple Pay may benefit, too.

Recommended Reading

Filed Under: Operations, Technology

Editors' picks

Company Announcements

View all | Post a press release
New Brand Benchmark™ reports from VideoMining aim to fill missing link in CPG brand insights
From VideoMining
November 14, 2024
Importance of Investing in Innovative Technologies in Retail Highlighted in Gartner Report
From AutoStore
November 01, 2024
Nakisa Unveils Next-Generation IWMS Product Portfolio
From Nakisa
November 04, 2024
New report profiles America's biggest Christmas gifters
From YouGov America
November 14, 2024
Editors' picks
Latest in Operations
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell