COMP1

Click to E-mail

Differences and Benefits
of EMV

There are two major benefits to moving to smart-card-based credit  card payment systems: improved security (with associated fraud  reduction), and the possibility for finer control of "off-line"  credit-card transaction approvals. One of the original goals of EMV was  to allow for multiple applications to be held on a card: for a credit  and debit card application or an e-purse. With current processing  regulations in the USA, new issue debit cards contain two applications ” a card association (Visa, MasterCard etc.) application, and a common  debit application. The common debit application ID is somewhat of a  misnomer as each "common" debit application actually uses the resident  card association application.

EMV chip card transactions improve security against fraud compared to magnetic stripe card transactions that rely on the holder's signature and visual inspection of the card to check for features such as hologram. The use of a PIN and cryptographic algorithms such as Triple-DES, RSA and SHA provide authentication of the card to the processing terminal and the  card issuer's host system. The processing time is comparable to online  transactions, in which communications delay accounts for the majority of the time, while cryptographic operations take comparatively little  time. The supposed increased protection from fraud has allowed banks and credit card issuers to push through a 'liability shift' such that  merchants are now liable (as from 1 January 2005 in the EU region) for  any fraud that results from transactions on systems that are not EMV  capable.

Although not the only possible method, the majority of  implementations of EMV cards and terminals confirm the identity of the  cardholder by requiring the entry of a personal identification number (PIN) rather than signing a paper receipt. Whether or not PIN  authentication takes place depends upon the capabilities of the terminal and programming of the card. For more details of this (specifically,  the system being implemented in the UK) see Chip and PIN.

Under the old system, a customer typically had to hand their card to a sales clerk to pay for a transaction. When credit cards were first  introduced, merchants used offline portable card imprinters (mechanical  rather than magnetic). They did not connect to the card issuer, and the  card never left the customer's sight. The merchant had to verify  transactions over a certain limit by telephoning the card issuer.

Later, equipment electronically contacted the card issuer, using information from the  magnetic stripe to verify the card and authorize the transaction. This  was much faster, but had to be in a fixed location. Consequently, if the transaction did not take place near a terminal (in a restaurant, for  example) the clerk or waiter had to take the card away from the customer to the card machine. It was easily possible at any time for a dishonest employee to swipe the card surreptitiously through a cheap machine that instantly recorded the information on the card and stripe; in fact,  even at the terminal, the criminal could bend down in front of the  customer and swipe the card on a hidden reader. This made illegal  cloning of cards easy, and a common occurrence.

Since the introduction of Chip and PIN, cloning of the chip is not  feasible; only the magnetic stripe can be copied, and a copied card  cannot be used on a PIN terminal. The introduction of chip and PIN  coincided with wireless data communications technology becoming inexpensive and widespread. Merchant personnel can  now bring wireless PIN pads to the customer, so the card is never out of the cardholder's sight. (This would have been possible with magnetic  stripe cards had the technology been available.) Chip and PIN and  wireless together reduce the risk of cloning of cards by surreptitious  swiping.

Home | About Us | Request More Info | POS Systems | Computer Services | EMV Compliance | History | Differences and Benefits | Chip Differences | CNP Transactions | Commands | Transaction Flow | Control of EMV Standard | EMV Documents | Vulnerabilities | USA Implementation | FAQ | Contact Us |

Southernmost POS Systems & Consulting, LLC
a division of
The Whole Nine Yards, LLC

138 East Sandy Circle - Big Pine Key, FL 3304303132
USA Toll Free: 877.771.8226 - Local: 305.433.5542
Fax: 305.851.8035 or 305.489.0365
Cell: 305.924.2781