Oh, and not all merchants are required to comply yet. Some, like gas stations, have additional time to comply. Plus, not all consumers even have EMV cards yet.
So was the whole October 2015 thing just a bunch of malarkey? Not entirely. It’s the first of several milestones in which the credit card industry is nudging U.S. merchants and consumers toward a more secure world, but it’s really just the first step. There are other milestones coming along in 2017 and 2018, but as of today, consumers can’t point to many major changes.
In some countries, like Australia, consumer payment cards no longer have magnetic stripes on them, and starting in August 2014, Australian merchants stopped allowing signatures to be used to authenticate transactions. Instead, consumers there must use a PIN entered on a payment terminal to authenticate and authorize a transaction.
So what’s a U.S. consumer to do? Sadly, we don’t have a great deal of leverage. If our accounts are compromised, we rely on our credit card issuers to replace the cards promptly, but we’re still faced with the unfortunate inconvenience of updating our card information everywhere we use and store those accounts. I should point out that when I got the call in October, my card issuer got a replacement to me, at no cost, the very next morning.
So here’s what I suggest:
- Whenever possible, avoid storing your account data on online sites. It’s not convenient to re-enter your card information every time you purchase something from a merchant you frequent, but keeping your information off of that merchant’s site is actually a good practice. Plus, there are excellent password and account number manager programs that help automate entering your account information when you need to.
- Use EMV, Apple Pay or other contact-free payment options when they’re available. If a payment terminal supports EMV, try it. If it doesn’t work, let the merchant know of your displeasure. (Yeah, I know that’s not likely to have much effect.)
- Consider a separate account for high-risk transactions (e.g., online sites where you store your account, or restaurants where the wait staff take your card out of your direct sight for payment).
- When your credit card issuer gives you the option of getting an EMV card, do it. I saw in an online advertisement that my favorite card had EMV, and I immediately called the issuer’s customer support and asked for one.
Apart from that, we can only dream of a more secure financial transaction future. I’ve had to go through the credit card compromise process now about five or six times, and I for one will be very happy when we’ve solved that problem.
Sign up for CIO Asia eNewsletters.