Credit Card Security Microchips

02 Jun 2009

Tags: security|microchip

Digg! Delicious! Technorati! StumbleUpon! Facebook! Google! Yahoo! Windows Live! Ask Jeeves! Mister Wong! Fark! Reddit! Spurl! NetVouz! SlashDot! Furl!

If you've noticed merchants inserting your credit card into the EFTPOS terminal, rather than swiping it, your card contains a security microchip.

But why the change? And how do chips make your credit card more secure?

French banks began embedding security microchips into their debit cards as early as 1992. In 1993, Visa and MasterCard reached agreement to begin utilising the technology in their debit and credit cards, with the first version released in 1994.

With the exception of the US, there has been significant deployment of the technology in both cards and merchant equipment worldwide. Visa and MasterCard have already issued more than 400 million chip cards and in Europe and Asia, the technology has already demonstrated a reduction in credit card fraud.

Traditional credit cards use a magnetic strip on the back of the card to store information such as your card number, cardholder name and expiry date. When the card is swiped or inserted into an ATM terminal, that information is read and used in the transaction.

Unfortunately, magnetic strips are not secure. ATM skimming devices can read the data from the magnetic strip and criminals can then use that data to create a 'clone' of your card. When coupled with your PIN (which they obtain from a hidden pinhole camera or a fake keypad) fraudsters have enough information to access the funds in your account from any ATM.

Enter chip technology: new credit cards now contain a 3mm x 5mm embedded security microchip which stores a unique, random value. This value is encrypted and cannot be copied. When you use your card in a transaction, your card's unique value is used to create a unique transaction ID which is then validated by your card payment system company (e.g. Visa, MasterCard etc).

Without your card's unique value, criminals cannot create a functional cloned card.

The chip often contains additional security features such as embedded security software and a hologram to help deter counterfeiting.

Some cards also use radio frequency identification (RFID) so the card can be read by a contactless scanner, similar to the ID badges used for physical access control in most office buildings. These cards are ideal for when the transaction processing needs to occur quickly, such as on mass-transit systems etc.

The chip does not contain any additional personal information (only the card number, cardholder name and expiry date).