Sign up to our newsletter
Even before the payment card mega-breaches at Target and Home Depot, updated credit card technology was set to come to the US in 2015. With the deadline for the switchover now just months away, how are vendors doing? Have they begun the conversion already, or will they likely be scrambling at the last minute?
as one of the people hit by the Target breach, I was particularly curious to see how banks would reactI’ve been keeping a close eye on credit card technology for the last year or so, after writing an article for We Live Security about the Chip & Signature technology due to make its way here this year. And as one of the people hit by the Target breach, I was particularly curious to see how banks would react, and whether the huge number of cards to replace from the Target and Home Depot breaches would motivate them to adopt the technology more quickly.
While my local credit union has indicated that Eurocard Mastercard Visa (EMV) cards will soon be on their way, I also have received a new credit card for my account with a major bank that started sending out updated cards early this spring. So it looks like banks may well make the deadline; there’s the good news. But the new technology is useless if vendors are not yet accepting those cards.
Armed with a credit card with updated technology, I set off about my usual errands, looking for an occasion to utilize it (and to engage some poor, unsuspecting cashiers in conversation about the change). I felt like I had seen point of sale machines all over the place that accepted EMV cards, before receiving my new card. But when I actually had one to use, what I found was a little different from what I expected.
I tried and failed dozens of times to use the chip, at maybe a dozen different retailers, before I found a place where it actually workedWeeks passed before I was able to actually try out the chip functionality. I had indeed seen quite a few Point of Sale (PoS) machines that had a slot for EMV cards, but most of them were not yet enabled. I was both shocked and amused to see that Home Depot and Target were the most likely to have visible but non-functional chip card readers, but in no way were they the only vendors where this was the case. Even the local Ikea store – an international retail chain in a location right next to an international airport – did not yet have their card reader enabled. I tried and failed dozens of times to use the chip, at maybe a dozen different retailers, before I found a place where it actually worked.
Any guesses as to where I finally found a PoS where the chip card reader worked? Would you guess it was at a major retailer with big bucks behind the switchover? Would you expect that it would be in a major city? Those would have been my best guesses. But no: It was at a tiny garden center in a location three towns over from the nearest major-ish city. The cashier told me how excited she was to have their new machine, which they had only just gotten a few days before.
My experience since then has been much the same: local stores in locations outside the city are updating to the chip readers and actually using them. I’ve seen a ton of big-box stores with chip readers, but the only nationwide chain where I’ve been able to use my chip card was a gas station. (Given that gas stations have historically been a place where card skimmers are more commonly a problem, this was a comforting discovery.)
With the liability shift deadline less than 6 months away, things are clearly changing at banks and credit unions, at big box retailers and at Mom-and-Pop shops alikeWith the liability shift deadline less than 6 months away, things are clearly changing at banks and credit unions, at big box retailers and at Mom-and-Pop shops alike. But it remains to be seen whether vendors will be scrambling at the last minute to make the shift.
What has your experience been with EMV cards? Has your bank notified you of the change or sent you an updated card? If you have a card with a chip, have you been able to use it in the US yet? If so, where?
Author Lysa Myers, ESET