Isn't EMV just a way to strengthen authentication? There's a lot more to data security, so why are MasterCard and Visa forcing it on U.S. merchants? What about multifactor authentication?
Nancy Trout, Trout Account Services
Yes, the Europay, MasterCard and Visa (EMV) protocol does strengthen one form of authentication: what you have (a credit card, for example). EMV cards are more secure than traditional mag stripe cards. They contain computer chips, which, unlike mag stripe cards, are extremely difficult for fraudsters to duplicate, making it unprofitable for them to create counterfeit cards to use at the POS. When other regions of the world have implemented EMV, criminals have shifted their criminal activities to geographical regions and sectors (like e-commerce) that do not employ EMV.
Also, EMV goes beyond authentication because the embedded chips encrypt a unique digital signature for each purchase, further safeguarding sensitive data. For the time being, U.S. EMV cards will also have mag stripes, which aren't encrypted, but if an EMV reader is used instead of a mag stripe reader, the data will be more secure. Multifactor authentication includes more than one form of authentication. In addition to what you have, other forms of authentication include what you know, such as a PIN or password, and who you are, which can be verified through biometric means like fingerprints and retina scans. The more layers of authentication used, the more secure the transaction will be.
The push to hasten EMV implementation is just one coordinated initiative designed to improve the security of payments in the United States. No one believes it alone will protect our data and networks from criminal intrusion. Experts and innovators are working on many fronts to implement existing solutions (such as point-to-point encryption and tokenization) and devise new technologies to do a better job of protecting data both while in transit and wherever it may reside.
What is it about the world of payments that keeps you in this sphere? What do you think is going particularly well? Where do we, as a community of professionals, need to improve? Drop us a line at firstname.lastname@example.org, and let us know what's on your mind.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.Prev Next