Protecting Your Credit Card With Chip and Pin

NEW YORK (MainStreet) — There are lots of reasons why America's credit networks remain insecure, but the two biggest are costs and liability.

It's obvious that the magnetic stripes on the back of current credit cards don't carry enough data to protect identities or transactions. Hacking is now done on an industrial, global scale. But solving the problem will take money, and banks want to pay for it by shifting the liability for fraud to merchants.

Authorities now think the recent Target breach began with eastern European hackers who got malware into cash registers and may have accessed central databases. It has resulted in the arrest of two Mexican nationals using the stolen numbers. The numbers were supposedly obtained online.

The Target breach makes clear that the mag-stripes on the back of today's credit cards, and the processing networks they connect with, can't keep up with what criminals can do to break them. Terminals and cards have to be replaced, and networks updated.

The solution is called "chip and pin" technology. It has been used on European credit cards for a decade. It isn't perfect but it's much better than mag-stripes.

Such cards use a computer chip called an EMV chip instead of a mag-stripe (EMV stands for Europay, MasterCard, and Visa, who cooperated in creating the technology). The chips contain a random number generator which creates a "digital signature" for each transaction using a four-digit PIN input by the customer. No data will get stored or transmitted "in the clear," and the encryption for each transaction is unique. Thieves can't use a stolen credit card without knowing the PIN number.

It will cost money to implement chip and pin. All consumers will need new credit cards. Merchants have to get new terminals. Clerks have to be retrained to use the technology.