Tech Q&A: Do Those New Chip-Based Credit And Debit Cards Need Protection?
By Steve Alexander, Star Tribune (Minneapolis) (TNS)
Q: Do the new EMV chip credit cards (named after the developers, Europay, MasterCard and Visa) require a protective cover so that they can’t be scanned by nearby thieves, just as RFID (radio frequency identification) cards do? Do other radio frequency ID cards, such as hotel key cards, pose a risk of identity theft? — Jan Sartee, San Rafael, Calif.
A: There are two types of credit cards using EMV chip technology. One is read by a slot in a point-of-sale terminal; the other is read by holding the card near the sales terminal.
If your EMV card requires physical contact inside a reader, its transactions and account information can’t be scanned remotely by thieves. If it is a contactless card, there’s a chance it could be read by nearby spying equipment, although the credit card industry says that’s unlikely.
Why is it unlikely? Because the contactless card uses an over-the-air technology called near-field communication, or NFC, which is more secure than RFID. NFC card signals are detectable in a range of 2 to 4 inches, while RFID card signals can be detected at up to 25 feet, says the Smart Card Alliance, an industry group. And while RFID cards are designed for minimal security, contactless EMV cards have secure microprocessors and memory and can encrypt (encode) data. (The hotel industry says that for security reasons no personal information about guests is put on RFID room cards.)
But, even if thieves were able to steal financial information from an EMV chip card, either by remotely detecting a contactless card or by infecting a point-of-sale terminal with malicious software, the effect of the theft would be less than it is with magnetic stripe cards.
Why? So far, it isn’t possible to use stolen EMV chip card information to create a fake credit card that could make fraudulent purchases, something that’s easily done with magnetic stripe cards. EMV cards create a special code for each financial transaction, a function that can’t be duplicated by stealing card data, experts say. However, stolen EMC card data could still be used for online sales fraud, because in online use a credit card’s chip isn’t used. In addition, stolen EMV card ID information could still be used to apply for new credit card accounts.
Q: My wife has one of the first iPads, and is having problems because it doesn’t seem to recognize newer software. Is there any single website where the iPad can be updated? — J. Glenn Dockery, Lakeland, Fla.
A: If your wife has an iPad 1, the upgrade possibilities are limited. It can download the Apple operating system, iOS 5.1.1, but that won’t enable it to handle more modern functions such as photography (it has no camera), or use the Siri voice-activated assistant. The iPad 2 and later models can download the latest operating system, iOS 8.4, although some still can’t use Siri. For details on how to upgrade your iPad, see tinyurl.com/paxt64n.
ABOUT THE WRITER
Steve Alexander covers technology for the Minneapolis Star Tribune. Readers may write to him at Tech Q&A, 425 Portland Ave. S., Minneapolis, Minn. 55488-0002; email: firstname.lastname@example.org. Please include a full name, city and phone number.
(c)2015 Star Tribune. Distributed by Tribune Content Agency, LLC.
Photo: Ciaran McGuiggan via Flickr