Regional sites:
Specialized sites:
From a real-world
fraud-prevention standpoint, EMV is significantly more secure than traditional
magstripe cards. Through the use of advanced encryption, embedded card risk
analysis capabilities, and online and offline authentication, most of the
traditional methods used to steal card data or to clone cards using magstripe
technology are rendered worthless, or at the very least, very difficult to
accomplish.
That said, as with other major EMV rollout initiatives in the UK, Canada, Australia and other countries around the world, the migration to EMV Chip and PIN/Chip and Signature in the U.S. will occur in stages, with merchants, banks, processors and others working loosely towards a singular goal, but at their own speeds.
What this means is that best case card security scenarios—no magstripe
fallback, DDA or CDA offline authentication only, smartcard onboard risk
analysis capabilities, no manual PIN entry—can’t be assumed. There will be an
interim period while the infrastructure is being built, likely spanning several
years, where prudent security practitioners will continue to invest in
additional security measures such as point-to-point encryption products that
ensure Track 1 and 2 data are encrypted prior to transmission and advanced
tokenization techniques that replace card data with a random value, thereby
protecting merchants from storing unsecured card data while also potentially
releasing significant portions of their infrastructure from PCI scope.
| << Back: Why EMV and Why Now? | Next: When the Card is Not Present >> |
|
<< Back: Overview |
|
Magnetic stripe cards do not have the same kind of data storage and have no internal computer like EMV Cards
