As the EMV card fraud liability shift took place on Oct. 1, ABA President and CEO Frank Keating pointed out in a Huffington Post op-ed that the chip in the new cards is a big advance in protecting customers’ data. “The chip protects customers by creating a one-time transaction code that renders financial data nearly impossible for criminals to replicate, sell or repackage,” Keating wrote.
Keating rebutted claims by some in the retail industry that personal ID numbers are also necessary at the point of sale. “Many in the retail industry are muddying the waters,” he said. “It is the chip that matters, not the PIN. Static four-digit PINs are incapable of thwarting sophisticated hackers or disguising sensitive credit card information once stolen.”
PINs are only useful for stopping fraud in the rare and declining cases when cards are lost or stolen. They provide no value against the vast majority of card fraud today, which takes place via counterfeit cards and online transactions. “The more time we spend discussing PINs instead of the real issues facing consumers, the more we risk letting the true enemy — criminal hackers — stay one step ahead,” Keating wrote.