The stories you want. The opinions that matter.
No, thanks
Tag: debit cards
Chip Credit Cards Could Slow Holiday Shopping

Chip Credit Cards Could Slow Holiday Shopping

By Gregory Karp, Chicago Tribune (TNS)

As the calendar flips to November and visions of Black Friday dance in their heads, holiday shoppers using new, more secure chip credit and debit cards will be learning a new checkout procedure.

While the added security might be welcome, new cards could mean more frustration and slower checkout lines during the bustle of holiday shopping.

“The bricks-and-mortar retailers were already fighting an uphill battle against the e-commerce guys, so the last thing they need are more reasons for customers to be ticked off at them,” said Neil Stern, senior partner at Chicago-based McMillanDoolittle.

One Wal-Mart executive said he expects widespread checkout problems and “anarchy” during the holiday season because of confusion over how to use the new cards, which must be “dipped” into the machine and left there for several seconds, as opposed to a momentary swipe.

While Wal-Mart was among the first to install and use new readers for chip cards and has become proficient over the past year, many merchants are just starting that transition and many consumers are baffled.

The timing of the shift “wasn’t necessarily optimal, given that we’re going into the holiday season,” said Wal-Mart spokesman Randy Hargrove, elaborating on recent comments by John Drechny, senior director of payment services at Wal-Mart, during a panel discussion at the Money20/20 payments conference in Las Vegas. “There could have been a better time, off-season.”

Many shoppers have already witnessed the confusion at retailers widely accepting chip cards, perhaps at Target, Wal-Mart or Walgreens.

It involves failed swipes, trying to follow the cashier’s instructions, fumbling with the card while trying to insert it correctly into the reader slot and remembering to remove the card at the end of the transaction.

“I’m a retail consultant, and I still put it in the wrong way and yank it out too soon,” Stern said. “It takes a long time for people to change habits.”

Even without confusion, the so-called push-and-pause method generally takes longer than the swipe. Although that difference can be as little as about 1 second longer, a Wal-Mart spokesman said.

“From a retailer standpoint, it’s really bad because it slows down productivity at the front end,” Stern said.

It will likely be more problematic for retailers whose customers expect a quick checkout, like Walgreens. “People don’t like waiting,” Stern said. “At Macy’s, customers might be a little more patient with the transaction process.”

Credit and debit cards are likely to be a big deal for the holidays, with 76.4 percent of consumers saying cards are their primary payment method, split about equally between debit and credit cards, according to the latest National Retail Federation numbers from 2014. That compares with 21.6 percent paying cash, and 2.1 percent paying by personal check.

Oct. 1 was a soft deadline for banks to issue new credit and debit cards with microchips and for retailers to install readers that can use the new chip technology.

However, it turned out that the Oct. 1 date was more of a starting gun than a checkered flag in the race to add security to card payments. Far from all banks and retailers were ready, and many still aren’t. Most Americans don’t even have the new cards yet, as banks and credit unions have been slow to replace old ones.

Among U.S. merchants, just 27 percent were expected to be ready to accept chip cards by the deadline a month ago, according to management consultant The Strawhecker Group. By the end of the year, that’s expected to rise to 44 percent and not hit 90 percent until 2017, a Strawhecker survey showed. Banks and merchants have said they will likely make the conversion to issue and accept credit cards first and debit cards later.

The good news about the relatively slow rollout is that many consumers won’t be affected this holiday season — if they don’t have chip cards yet or they shop at retailers that don’t accept the new cards.

Meanwhile, Target, which can accept chip cards at all its stores, recently made the bold move to accept yet a different card payment procedure. It started issuing new Target store credit and debit cards, called REDcard, that are more secure because they not only have microchips embedded but require users to enter a personal identification number at checkout instead of signing.

So-called chip-and-PIN is a process used in most other countries that have switched to chip cards, but is not typical in the U.S. so far — a point of conflict between banks that issue cards that require signatures and retailers who want the added safety of PINs.

“We realize that data security is top-of-mind for American consumers, so we wanted to offer them the solution that really is most secure in the marketplace today,” said Target spokeswoman Molly Snyder. “We recognized that would be on the early side, both on the issuance and acceptance (of PIN-enabled cards), and so we put a ton of effort into making sure our team members, people who are engaging with guests on the frontline, are equipped to answer questions. What we’re seeing is that is going really smoothly.”

Target officials might be especially sensitive to security concerns because of the retailer’s massive data breach during the 2013 holiday shopping season, in which some 40 million cards were compromised. The breach likely expedited the change to new card technology in the U.S., which had been sluggish to switch compared to other developed nations, experts say.

Overall, the switch to new checkout habits is a significant change for shoppers, “putting additional financial pressure on financial institutions and confusing consumers, many of whom don’t even know why the transition is happening and have no idea how to use an EMV chip, or ‘smart’ card,” said a report by Chicago-based Arroweye Solutions, which manufactures payment cards and sends them to consumers on behalf of issuers. EMV stands for Europay MasterCard Visa, the coalition that developed specifications for the system in the 1990s.

“It’s still very much a work in progress,” said Arroweye CEO Render Dahiya. “There will be a lot of on-the-job — or on-the-shopping — learning.”

The new cards, with both the new microchip visible on the front and the old black magnetic stripe on the back, are only safer when used with a new chip card payment terminal. Chip cards make every transaction at a payment terminal and ATM unique. Old machines read the old-tech magnetic stripe, and are no safer with the new cards.

While it’s true that avid shoppers of big retailers will be skilled at the new card “dipping” checkout process — and checkout employees adept at helping customers — everything changes during the crush of holiday shopping.

“We haven’t seen it yet when it’s a stress point, and the holidays are a stress point,” Stern said.

The new cards could cause in-store checkout woes on Black Friday and throughout the season, but they won’t affect Cyber Monday and other online holiday shopping. Customers make online purchases with the new cards the same way they always have, by typing in the card number, expiration date and security code. Those transactions are no more secure with the chip cards.

Still, payment-terminal slowdowns alone probably won’t force holiday shoppers to abandon stores for websites.

“I suspect we’re going to see some frustration, but it probably doesn’t elevate to the point of customers saying, ‘I’m not going to the store. I’m just going to do this online,’” Stern said. “More people are going to shop at home, but not because of this. But it’s certainly not going to help physical retailers.”

If shoppers become frustrated enough with chip cards, it might speed adoption of yet another payment method: mobile payments with a smartphone using such services as Apple Pay, Android Pay and Samsung Pay.

“If EMV does slow down the transaction process, if people do leave cards in the machine, then you have a scenario where mobile does become a value-add, if that transaction is quicker,” Dahiya said.

©2015 Chicago Tribune. Distributed by Tribune Content Agency, LLC.

Photo: A chip credit card. (Image Source/Zuma Press/TNS)

 

To Prevent Data Theft, Businesses Race To Adopt New Technology

To Prevent Data Theft, Businesses Race To Adopt New Technology

By Lindsay Wise, McClatchy Washington Bureau

WASHINGTON — Recent high-profile data breaches at Target and Neiman Marcus have accelerated plans by banks and retailers to implement technologies they say will prevent hackers from stealing consumers’ account information.

Malware installed in Neiman Marcus payment terminals exposed 1.1 million debit and credit cards from July to October last year, while the Target incident compromised the personal information of more than 110 million customers in November and December.

The sophistication and scope of the recent breaches has lent increased pressure to the adoption of a new generation of microchipped debit and credit cards and a cutting-edge technique known as “tokenization” to protect online and mobile purchases.

Industry experts say the technologies will limit the volume and value of consumer data stored by retailers, who no longer will have to safeguard sensitive details such as card numbers, PINs and security codes.

“It’s not just about protecting consumers from financial loss or the system from financial loss; it’s really about maintaining trust,” said Ellen Richey, executive vice president, chief legal officer and chief enterprise risk officer for Visa Inc.

In the aftermath of the breaches, Visa and MasterCard announced the formation of a new cross-industry security working group focused on speeding up and coordinating the adoption of the new technologies.

“We were pushing that direction, but this Target event has given it the kind of urgency that it didn’t have before,” Richey said.

Banks already are starting to issue debit and credit cards embedded with microchips, also known as EMV, which stands for Europay, MasterCard and Visa. The system is widely used in Europe. More than half of all credit cards in the U.S. are expected to shift to EMV by 2016.

To encourage the transition, MasterCard, Discover, American Express and Visa have instituted a policy that a bank or merchant that hasn’t adopted chip technology by October 2015 will bear the loss if a transaction turns out to be fraudulent, Richey said.

“It’s a fairly powerful incentive,” she said.

The United States has been slow to adopt microchipping because of the high costs associated with replacing traditional magnetic-stripe cards and payment terminals, estimated at $15 billion to $30 billion.

“Because of that high cost, there were definitely folks out there who were skeptical of whether they should or shouldn’t implement it, and now because of the data breaches, that seems to be moving a whole lot faster,” said David Fortney, senior vice president for The Clearing House, the nation’s oldest banking association and payments company, which provides payment clearing and settlement services.

Consumers aren’t likely to notice changes overnight. Banks will issue the microchipped versions as old cards expire, rather than all at once.

The new chip card will have a little symbol on the front to represent the microprocessor embedded inside.

“It’s actually like a little computer, a real little computer with applications and a processor in it,” said Visa’s Richey. The microprocessor also can be placed in a mobile phone, she said.

Instead of swiping the card to pay, a shopper dips a “contact” chip card into a slot in the pay terminal at checkout.

“Contactless” chip cards will use radio signals, so the shopper has only to tap or hold a card or mobile phone close to the terminal to make a purchase.

The computer in the card produces a cryptographic message that changes with every transaction, so even if thieves steal the account number, they can’t make a counterfeit card, Richey said.

“The problem we’re having is that criminals can steal information from a merchant environment, and they can get enough information to make copies of the card,” she said. “They don’t have to have your physical card; they can make copies — and as many copies as they want — because the data is static and doesn’t change from transaction to transaction.”

Photo: StormKatt via Flickr