- The Tech Night Owl — Cutting-Edge Tech Commentary - https://www.technightowl.com -

Chip Cards: The Price of Security

Smart credit cards, or chip cards, were popular in Europe long before they debuted in the U.S. Here, financial institutions were complacent and believed that existing technology was secure.

Now chip cards use integrated circuits to provide greatly enhanced security. One common problem they are designed to circumvent is credit card skimming, a process that hacks a card reader and grabs your card information. It’s particularly vexing and the data even includes your debit card’s pin number, which grants access to all of the money in that account.

That situation began to change in 2014, when tens of millions of credit cards were compromised due to high-profile break-ins at a number of merchants, including Target. As an occasional Target customer, this was particularly disconcerting, and it so happens that one of my bank accounts was compromised, but not until the following year. The bank wasn’t terribly informative about where and how the intrusion occurred — so I’m not certain it was the result of the Target intrusion — and I didn’t lose any money as a result. Still, American banks are now rushing to incorporate the technology into their cards.

Without going into details, I have one debit card without chip support. But my wife, who has an account at a different bank that she shares with our son, received a chip card on the last revision.

The extra security is welcome, and I’m awaiting for my bank to replace my debit card with one that has the chip. However, the price of security means that transactions can be awkward. The price of safety I fear, and those of you in the U.S. with chip cards will understand. I’m not at all sure how well it works in Europe.

Take a typical purchase at Walmart, which recently upgraded its point-of-sale terminals to support both chips and Walmart Pay. The latter is their answer to Apple Pay and is evidently meant to replace the failed CurrentC mobile payment technology. It uses a QR code and a special Walmart app to make and record your purchases. Since I haven’t tried it, I cannot attest to its ease of use, but it does appear to be clumsier than Apple Pay, which requires an iPhone with an NFC chip or an Apple Watch.

In any case, on a recent visit to Walmart, I took my wife’s debit card with me. If you’ve used one, you’ll realize that you no longer swipe the card. Instead, you insert the left edge of the card into a special slot at the bottom of the terminal. Rather than remove the card once it’s read, the chip card must stay in the terminal until the transaction is concluded, and the processing steps can be fairly sluggish compared to a regular credit card.

When I went to my wife’s bank to withdraw some money via an ATM machine, I got to see further downsides to the process. While some banks swallow your debit card whole, other financial institutions allow you to insert the card and remove it as soon as it’s read. But not so with a chip card. Rather than withdraw the card, once again it has to remain inserted until the final step in the transaction. You have to wait extra minutes as the ATM slogs through the process. Worse, the bank my wife uses still has a message on the screen saying you should just insert and remove the card from the reader even though that’s not correct when you use the chip card.

Ah, the price of security.

While I welcome the added protections — who wouldn’t? — I do not welcome the clumsy way in which the technology has been implemented in this country. Even when a bank’s information menus appear to have been modernized somewhat beyond the 1990’s Windows-style interface that many display, it does seem as if the ATM’s microprocessors are barely able to cope with chip cards.

I would like to believe that this is just a first generation technology, that, as ATM interfaces, many of which are based on Windows, improve, things will get decidedly better. It does seem as if the chip card technology has been tacked on, rather than developed from the ground up. That will hardly convince customers to want to stick with the chip cards, not that they necessarily have a choice once a new card is issued.

Oh, and I checked my bank’s site, and they do offer chip cards. While I’m not enamored of the technology, or its lack of performance, having been bitten by fake charges a time or two, I would prefer to enhance the protection, so I plan to request one. True, the bank supports Apple Pay, and those transactions are reasonably swift, but few of the merchants I deal with have opted to work with Apple. I suppose that’ll change some day, since the Apple Pay user base and merchant support continues to grow. In saying that, though, it does appear that, after trying the system a few times, some customers prefer to return to the credit card since they prefer to pull out a card rather than schlepp an iPhone out of their pocket or purse. Well, there’s always an Apple Watch, but the user base is still quite small.

The message here is that extra security for your bank or credit cards is important, but when the process of using them becomes cumbersome, customer adoption will be slow. But this is a U.S.-centric view. I would love to hear from our readers in Europe about their experiences with chip cards.