Got a new credit card in the mail? Here’s why
(CNN) — Swiping your credit card could soon be a thing of the past.
Banks have been sending out new chip-enabled credit cards that have to be inserted and held in a credit card reader to complete a transaction.
These new cards look similar to your old credit cards, but now have a small metallic chip on the front. Think of the chips — called EMV microchips — as mini computers. They hold your payment data, which is currently held on the magnetic stripe, and provide a unique code specific to each purchase.
Chip-enabled cards aren’t new, they’ve been around for more than 20 years and are common in many areas of the world. But they are more secure than magnetic-striped-only cards.
“The microprocessor adds additional security data to the transaction each time the card is [used],” explained Randy Vanderhoof, executive director of the Smart Card Alliance.
Here’s what will change:
Thieves will have a harder time stealing your info
The magnetic stripe is easy to copy and use to create fake cards. Thieves commonly obtain a card’s data through data breaches and using card skimmers they install in places like ATMs and gas pumps. You can unsuspectingly give away your data when you swipe your card at a compromised machine.
“Everything a fraudster would need to make a duplicate was available by copying the stripe itself or stealing data from the merchant data system,” said Vanderhoof .
The new chips hold data specific to each purchase, so reproducing will be much more difficult.
“We have not seen a proven data breach of a chip card in an EMV market since it’s been in place,”said Owen Wild, security marketing director at NCR, which makes transactional software and hardware.
It will take a few seconds longer to check out
The check-out process will be a little different and a bit longer for consumers as the card authentication process unfolds.
“If a typical transaction is three to five seconds, what we’ve seen with the chips is five to 10 seconds,” said Wild. “It will have an impact on lines … especially in high-traffic areas.”
A signature will still be required when using a chip-enabled card.
You’ll see more new card readers in stores
While there’s no mandate for the new cards, retailers and banks do have a big incentive to upgrade by October 1.
That’s when new liability rules go into effect. Right now, the bank that issues the card ends up swallowing the cost of fraud. But starting in October, whoever has less protection will have to pick up the tab. In other words, a store that hasn’t upgraded could end up footing the bill for fraudulent purchases.
That means you’re likely to see a lot more of the new readers over the coming months.
Upgrading credit card reading machines can be costly for retailers depending on their size.
“For small mom-and-pop stores, you can buy a fairly inexpensive EMV-enabled terminal,” said Mark Nelsen, senior vice president of Risk Products and Business Intelligence at Visa ().
But for big-box retailers with more complex payment systems, the cost can be much higher. After its massive data breach at the end of 2013, Target (announced it would spend $100 million to upgrade to chip-enabled technology.)
The upgrade is also costly for the issuers, with cards costing about five times as much as magnetic-stripe only cards, according to Martin Ferenczi, North America president at digital security company Oberthur Technologies.
But don’t expect 2016 to be the year of no credit card fraud. It will take a few years for chip-based sales to become the majority of transactions.
While the protections are an upgrade to the current magnetic stripe-only credit cards, they still leave vulnerabilities. If your chip card is physically stolen, a thief would still be able to use it and there’s no added protection when shopping online.
But the technology will continue to evolve.
“The chip has a limited shelf life and has to be replaced every couple of years,” said Ferenczi.