The security of transactions and payments is a hotly debated topic around the world. Which methods are most secure? Which should we all adopt? And why one over the other?
But before we start diving more into the debate on this topic, how about a simple introduction? Let’s define some of the major terms and security issues that you will often see discussed:
This is a type of card that is capable of storing and transferring data within a magnetic stripe. The information is read by swiping past a magnetic reading head. If you’re in the US, this is likely what you are familiar with on your credit card, debit card, public transportation card or even ID card for your office. Typically, you are asked for your signature at a POS when using your magstripe card.
EMV, which takes its name from Europay, MasterCard and Visa, is a global standard for payment cards that is based on micropressor chips. These are often called IC cards or “chip cards.” A computer chip is embedded in the card and associated with a PIN. The owner must supply the PIN to allow for the card’s processing. This use of a PIN to identify the owner is considered more secure than the use of a signature, as you use with magstripe cards.
Chip and PIN:
This is another name for EMV cards or the EMV standard.
CNP stands for Card Not Present. This is a type of transaction made with a card in which the cardholder does not or cannot physically present the card to the merchant. For instance, CNP transactions often take place over the phone or Internet. CNP transactions can be major sources of credit card fraud, as it can be difficult for the merchant to authorize the user’s identity. When you make a purchase in person, you may be requested to prove your identity with a photo ID, signature or PIN. However, in a card not present transaction, there isn’t an easy way to authenticate you are who you say you are.
Now we are seeing more instances of contactless payments, in which the user can wave a card, device or fob over the POS system to make the transaction. This type of payment uses radio-frequency. Near Field Communication (NFC), for instance, is a set of standards for smart devices to establish radio communication when in proximity with one another. Security risks include malware and interception of the transaction. However, since smart cards and devices often have more than one use, the owner only has to replace the one card or device if it is lost or stolen.
Keep an eye out on our blog, cyberSAFE webinar series and social media channels for more on this topic as we begin to take part in the debate. In the meantime, what do you think about each type of card? What about each type of transaction? Join the conversation on Twitter, Facebook and LinkedIn.