Device Hardening and Continuous Compliance Monitoring CONTINUOUS COMPLIANCE

Three times as many credit cards will be chip-enabled by the end of this year as debit cards, making slower banks ideal targets for cybercriminals.

According to Deborah Baxley, the Principal for Cards & Payments at Capgemini Financial Services, a projected 25% of debit cards are anticipated to be ready by the end of this year, in comparison to about 75% of credit cards estimated to be chip-enabled. 

The reason for this uneven transition to EMV migration is due in part to unique requirements of the U.S. debit card system and recent regulations that are part of the Dodd Frank Financial Reform Act, which now requires debit cards to have the option of routing to different debit networks.

The banks currently have the upper-hand, for example, say the bank has issued a chip card, but a merchant has yet to upgrade their system to handle these chip-enabled cards, the card then turns out to be fraudulent, and now the merchant will be held liable for the full amount of the fraud.

Banks are currently held accountable, but by migrating to the chip-based cards before merchants do, the banks stand to benefit, at least until merchants catch up with them.

As more and more banks issue out the new chip-based cards, cybercriminals will have smaller amounts of targets to prey on. But the banks who are currently lagging behind the rest, they’ll become progressively more attractive targets for cybercriminals.

Once all banks & merchants have successful migrated to the chip-based cards, criminals with credit card numbers from incidents like the Target and Home Depot data breaches will have a much more difficult time using the stolen credentials.

If someone takes a stolen credit card number and uses it to create a counterfeit card, then attempts to use the card to purchase something, a new point-of-sale system would be able to clearly identify it as a card that was supposed to have a chip in it.

“If it doesn’t see a chip, then the transaction would fail. That’s what supposed to happen,” Baxley stated.

In addition to these new chip-based cards, it is the merchants responsibility to use end-to-end encryption and tokenization to fully protect the payment information of its customers.

 

Read the full article on CSO

Read more on PCI DSS Compliance 

Read more about EMV Migration 

Share this blog post

Products
USA Offices
New Net Technologies Ltd
Naples
9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email USinfo@nntws.com
NNT Logo
UK Office
New Net Technologies Ltd
Spectrum House, Dunstable Road
Redbourn,
St Albans

Herts
AL3 7PR

Tel: 08456 585 005
Fax: 08456 122 031
email info@newnettechnologies.com
Connect with NNT
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
Sign up to NNT's IT security and compliance monthly newsletter. Get breaking security news, how-to tips, trends and commentary direct to your inbox.

Sign up to the NNT newsletter