Card Not Present Fraud , Fraud Management & Cybercrime

Can PINs Reduce Online Fraud?

Merchant Association Executive Outlines Her Argument
Can PINs Reduce Online Fraud?

Using signatures to authenticate transactions made with an EMV chip card, as planned by most U.S. banking institutions, is "worthless" because it won't help prevent lost and stolen fraud, says Liz Garner of the Merchant Advisory Group, a trade association that represents 85 of the nation's largest merchants.

The addition of the PIN, rather than reliance on signatures, can dramatically reduce fraud for both card-present and card-not-present transactions, such as e-commerce payments, contends Garner, who will be a featured speaker at Information Security Media Group's Fraud Summit Los Angeles on Feb. 24.

"We've seen a lot of card-not-present fraud grow," Garner says. "It's a travesty that here in the U.S. issuers are rolling out EMV without the PIN, because there are ways to capture card PINs online."

Garner says PINs provide an easy way to authenticate e-commerce transactions, in the same way the card-verification-value code is used today. And she contends that the PIN is even more secure than the CVV, because it can be changed at any time by the user.

"The CVV code is more static than the PIN," she says. "So the PIN is a more secure form factor because it is changeable."

Playing Catch Up in Card Security

Now is the time for the U.S. to catch up with the rest of the world in taking several steps to improve payment security, Garner says.

"There is not one silver bullet," she says. "EMV is one step in the right direction toward a less fraud-prone environment ... But there's a lot more we'd have to do on the back end to protect transaction flow by further enhancing point-to-point encryption, tokenization and other technologies that are being deployed around the world. ... It's unfortunate that with the simple security provided by even just the PIN, we're not seeing more issuers issuing EMV cards with PINs enabled on them."

During this interview, Garner also discusses:

  • The roles biometrics and one-time tokens could play in authenticating card payments;
  • Why contactless payments in the U.S. have been hindered by card-brand competitiveness; and
  • How retailers are addressing concerns about EMV's impact on the customer experience.

At the Fraud Summit in Los Angeles, Garner will sit on two panels aimed at addressing emerging payment card trends and emerging technologies, such as tokenization, designed to curb fraud losses. Registration for this event is now available online.

Before joining Merchant Advisory Group, Garner served as director of commerce and entrepreneurship at the National Restaurant Association, representing the restaurant industry before Congress and regulatory agencies about issues impacting restaurant and food service profitability and entrepreneurship. Garner's areas of expertise include retail and mobile payments, data security, privacy, emerging technologies, tax, finance and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.