Have you formed an opinion yet on the topic of chip-and-PIN versus chip-and-signature cards? Maybe you saw the recent news that many U.S. banks are leaning more toward the latter, which is less secure. I wondered about the reasons for this since other countries have already predominantly adopted the more secure chip-and-PIN. However, before diving in further, we cannot forget that any card with a smart chip and the EMV security standards is more secure than cards with only a magnetic stripe.
On the PIN vs. signature topic, I found some great insights in an article by Brian Krebs of Krebs on Security in which he interviews industry experts from Aite Group and Gartner Inc. I highly recommend you read it, but following is a summary of two key considerations at play.
Ease of Use
Chip-and-signature takes the lead, being quicker and easier to use at the point of sale. Chip-and-PIN requires the extra step of entering the correct PIN (personal identification number). If the cardholder forgets the PIN, he or she would need to pay a different way or abandon the purchase altogether. These are not good outcomes for the card-issuing bank or your card program.
Then there is the issue noted by Jack Jania, Gemalto Inc., during my 2014 interview with him: limitations of the current U.S. ATM infrastructure to manage card PINs in the field. Since the PIN is tied to the smart chip, it is not easy to reset. As a last resort, the bank might need to reissue the card, which is another hassle for everyone.
Protection for Lost or Stolen Cards
The advantage here goes to chip-and-PIN since a lost or stolen card would require a fraudster to enter the correct PIN in order to use it. With a chip-and-signature card, a fraudster could forge the cardholder’s signature at the point of sale and/or use the card at an unmanned kiosk or terminal.
Given the above plus other nuances, each bank needs to decide what makes the most sense for its business. If you are an end-user organization, ensure you understand what type of card you have, requirements for usage, what could go wrong and how to resolve any issues.
For more on EMV, see the related webpage.
Related article: Banks Opting For Less Secure Signature Cards, January 6, 2015, PYMNTS.com.
About the Author
Blog post author Lynn Larson, CPCP, is the founder of Recharged Education. With more than 15 years of Commercial Card experience, her mission is to make industry education readily accessible to all. Learn more…