Payment card chips fail to halt fraud, study finds

November 9, 2018

Of the more than 60 million payment cards that have been compromised or stolen within the past 12 months, chip-enabled cards represented a staggering 93%, according to results of a study released  recently by Gemini Advisory.

In 2015, the global financial industry began a massive migration to the EMV (Europay, MasterCard, Visa) standard in response to overwhelming levels of payment card fraud. The chip-enabled cards were supposed to provide end-to-end encryption during card-present transactions; and to prevent payment card counterfeiting.

However, the New York-based cyber consulting firm says—although most card issuers have adopted the standard—retailers and other merchants have failed to comply with the EMV implementation. 

Indeed, key findings of the study are alarming—among them:

With most large U.S. merchants fully transitioned to EMV, Gemini say that gas pump terminals and small/medium size businesses have become the victims of opportunity. Smaller businesses are only now beginning to understand the importance of EMV programs, as well as to provide a sufficient budget allocation toward them.

Because Gemini Advisory believes that criminal groups will always sway to the path of least resistance, the firm predicts that financially motivated threat groups such as Fin6  and Fin7 are likely to turn their resources toward small- to medium-size businesses with  between 10 to 50 locations.

The bottom line: Until EMV implementation is more widespread among U.S. merchants, Gemini Advisory recommends the usage of mobile payment systems such as Android Pay, Google Pay, and Apple Pay. Such payment systems are not susceptible to shimming devices or POS malware—making them the most secure payment method currently available.

Research contact: @geminiadvisory

 

Leave a Reply

Your email address will not be published. Required fields are marked *