EMV Cuts Card Fraud - But Elsewhere FIs Must Be More Vigilant Than Ever

By : Laurie Gentz

May 15, 2018 12:00 PM

The October 2015 transition to EMV chip card technology in the United States has had a massive impact on counterfeit fraud, which back in 2011 was the leading type of fraud in the country, according to Visa.


Of course, the success of EMV is excellent news for the financial services industry and for legitimate customers. However, one unfortunate and inevitable consequence of this upgrade in card security is a shift in focus by criminals. With fraudsters turning their attention away from card-present fraud and targeting other channels, financial institutions (FIs) need to be extra vigilant and thoroughly protected.


The EMV effect


EMV chip cards represent a significant security upgrade compared with traditional debit and credit cards. Where the magnetic stripe on payment cards stores account information statically, the EMV chip makes it possible for data to be uniquely encrypted each time it is accessed. This makes it much more difficult for criminals to commit card-present fraud.


Since October 2015, liability for any instance of card present fraud in the US has rested with the party that has failed to adopt EMV chip technology - either the issuing FI (with issuing EMV Chip cards) or the merchant (with EMV chip enabled point-of-sale (POS) devices).


According to the latest figures from Visa, merchants who have upgraded their POS technology to support EMV experienced a 70 percent drop in counterfeit fraud dollars between December 2015 and September 2017.


More than 2.7 million merchant locations (or 59 percent of all US storefronts) now accept chip card payments - 578 percent more than when the EMV migration began.


Card issuers have also been doing their bit to support the transition, with the number of Visa chip cards in the US tripling from 159 million in September 2015 to 481 million in December 2017. Chip transactions increased from 79 million to 1.5 billion over the same timeframe, with 96 percent of all US card payments in December 2017 occurring on EMV cards.


The upgrade to EMV technology has clearly had a positive impact on card-present fraud protection, but what does this mean in context of the wider security landscape?


Fraudsters adapt and FIs must be ready


One of the unfortunate consequences of stronger protection in one channel is that it often forces fraudsters to come up with new attack methods or to shift their attention to a different space with its own potential weaknesses.


In the case of America's EMV migration, there has been a clear change in focus to card-not-present fraud. In a recent report highlighting unprecedented levels of identity fraud in the US, Javelin Strategy & Research revealed that EMV chip technology has made it 81 percent more likely for fraud to be committed online than in physical stores.


Discussing the impact of EMV adoption, Eva Velasquez, CEO of Identity Theft Resource Center, a San Diego-based non-profit organization that helps victims of identity theft, told TechTarget: "Counterfeiting cards is no longer the lowest-hanging fruit, and thieves moved their efforts to online card-not-present transactions."


What this means for banks is that it is more important than ever to deploy fraud detection and prevention solutions that are comprehensive and flexible, with the tools and technologies required to keep up with evolving threats. Choosing a system with rules combined with advanced machine learning and analytics capabilities, for example, puts your organization in a stronger position to monitor trends in the threat landscape and stop fraud in its tracks.


This sort of agile, innovative protection will prove increasingly important as FIs seek to keep their customers and their business safe in the face of new methods and forms of attack.

Laurie Gentz

Marketing Manager, Fraud & Security Solutions

Other articles by this author

Laurie is Financial Services Solution Marketing Manager at NCR. She is responsible for marketing NCR’s fraud solutions, with a specific focus on enterprise, cross-channel fraud.