Chip and PIN cards are here, almost.
On Thursday, October 1st, all merchants in the United States are supposed to be equipped with new credit card machines that accept Chip and PIN technology.
Likewise, all American credit card companies are due to have issued new chip-enabled credit cards to all their customers.
Sadly, this has not happened.
According to reports in both USA Today, and ComputerWorld, not only have most Americans failed to receive a new chip-enabled card, but it is believed that as many as half of the population doesn’t even know what a Chip and PIN card is!
The American conversion to a Chip and PIN technology was announced in 2012, and was directed by the credit card companies as a self-imposed standard, with merchants and card issuers given until 1 October 2015 to upgrade to the new requirement.
As a little incentive to encourage Chip and PIN option, merchants who are not compliant with the new standard have been warned that they are liable for any credit card fraud.
Not only is America way behind on issuing the new cards, but many merchants have only adopted a chip and signature, rather than a Chip and PIN standard. This is considered a half-step by chip manufacturer Gemalto.
Chip cards are not necessarily the answer to all card security problems either.
For instance, the experience in the UK – where Chip and PIN has been in place for ten years or more – saw many fraudsters switch from committing fraud face-to-face at the checkout tills of high street retailers to online criminal behaviour.
And last month, security blogger Brian Krebs reported that a chip skimmer (or shimmer) has already been manufactured and distributed in the wild.
Criminals can still use the usual methods of shoulder surfing or planting hidden cameras to capture a consumer’s PIN code.
What has your experience been? Do you have a chip-enabled card, and has your local merchant migrated to the new system?