If you’ve received a new credit card with a chip in it, your in-store Black Friday purchases will be more secure this year — as long as the merchant has installed a chip card reader.
But if you’re planning to avoid the madness and do your shopping online, your chip card won’t protect you.
Here’s why that is, and what you can do to reduce your chances of fraud.
The limitations of EMV cards
The microprocessors in credit cards — known as EMV chips, for Europay, MasterCard and Visa — are not actually new technology. The standard was developed in the 1990s, says William Tran, a spokesman for digital security firm Gemalto. Back then, most credit card transactions took place in stores, not online.
“It was really introduced to solve the problems of traditional magstripe cards,” Tran says.
The data on a traditional credit card’s magnetic stripe is static, meaning it doesn’t ever change. Someone who intercepts that data can reuse it to commit fraud. EMV chips, by contrast, generate a new code for every transaction. Because the codes won’t work more than once, data from an EMV transaction is essentially worthless to a fraudster. EMV cards are also much harder to duplicate than cards that have all the data stored on a magnetic stripe.
EMV chips and online shopping
The EMV chip generates a unique code only when the card itself is inserted into a reader — that is, when you are making a purchase in person. When you buy something online, you enter the same information as always — your account number, the expiration date, and the card verification value, or CVV, usually a three-digit code found on the back of your card.
Gemalto is working to bring dynamic, hard-to-duplicate codes to online shoppers, but for now, you’re stuck with using static credit card information when you shop online.
Ellen Cunningham, a marketing manager in South Hadley, Massachusetts, is planning to look for a good deal on a tablet during the online Black Friday sales, probably at Amazon, Target or Best Buy.
“I know there’s risk to using credit cards online,” Cunningham says. She’s waiting for the day when she’ll be able to use a PIN with her EMV card, not just a signature. But because she knows she will not be liable for fraudulent charges, she’s not too concerned.
Even if you don’t get stuck with the charges, however, fraud takes time and effort to deal with. It’s important to protect yourself as much as possible.
How to shop safely online
There are several common-sense measures you can take to protect yourself when shopping online. Online merchants that require you to sign in before you make a purchase offer an added layer of security, especially if you choose a password that’s hard to guess, Tran says. He recommends taking advantage of two-factor authentication whenever possible. That means you have to not only enter a password, but also confirm your identity in another way, often by entering a code that’s sent to your mobile device.
You may also be able to avoid trouble by sticking to the websites of merchants you know well, and by making sure you’re entering your credit card information on a secure site. If the site’s Web address begins with “https” instead of just “http,” that means your private data will be encrypted.
Taking advantage of EMV
EMV chips do make in-store transactions more secure — if the store has installed a chip card reader. You may reduce your risk of fraud if you hit the Black Friday sales in person. But you can still do your holiday shopping online in relative safety if you exercise a little caution. That way, you’ll be spending the month of December enjoying family time instead of sorting out a fraudulent charge from your Black Friday shopping.
Image via iStock.