EMV Roundup: Security Flaw? Mobile Device Approval And Requirements Update

wvrwm95w-212

There was a host of stories last week on the occasion of the 10-month anniversary of the Oct. 15, 2015 EMV migration date. While there have been extensions to the date of transfer of liability from issuers to non-EMV enabled merchants, apparently the story writers couldn’t wait for the more traditional annual lookback. Major data thus far: the U.S. is the only region in the world where chip card usage is lower than chip card deployment and adoption, and is last by far of the globe’s six regions in both deployment and use.

Some real developments around EMV took place this past week though, as the pursuit of a more robust infrastructure and consumer acceptance continues:

–The U.S. Payments Forum, formerly the EMV Migration Forum, which helps oversee the U.S. chip-card migration, refreshed its EMV Minimum Requirements Matrix, a document that seeks to help all parties involved and invested in faster adoption of EMV.

The updates include the speedier EMV transaction solutions launched by the major card brands, important because the time drop might convince merchants worried about customer grumbling to more quickly implement EMV POS.

–Specification and testing firm EMVCo announced it can now approve confirmation of contactless mobile payment enabled devices can operate seamlessly with EMV Level 1 approved payment acceptance terminals. It can now take over this testing from the payment systems, which increases efficiency. The certification process includes wearables, tablets and smartphones.

“EMVCo recognizes that the use of mobile devices to make contactless payments is growing in popularity,” Jonathan Main, current EMVCo Board of Managers Chair, said in a press release. “It is important that the payments industry supports manufacturers’ product development cycles, while ensuring that the correct testing is undertaken to confirm that a product will be interoperable with the established payment infrastructure. The centralized testing framework from EMVCo will significantly streamline the existing process to optimize product time to market.”

–Security researchers at the early-August Black Hat Security Conference claimed that hackers could render a chip card ‘chipless’ and alter data from the card’s magnetic stripe for use by fraudsters. The stripe is still there on U.S. cards because of the slow adoption of chip-enabled terminals.

The researchers suggested to merchants that all transactions should be encrypted, a feature they have to pay extra for. The U.S Payments Forum, an advocate for EMV adoption, said the hack was on the stripe and not the chip, that the issuer would catch the altered stripe data before a transaction was processed fully, and that these types of crimes are exactly what EMV is designed to foil.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Click here to go directly to the site
or wait 0 seconds
.

Sign up to stay in touch!

Sign up to get interesting news and updates delivered to your inbox.


By submitting this form, you are granting: PaymentFacilitator.com, 7741 S Glencoe Ct., Centennial, CO, 80122, permission to email you. You may unsubscribe via the link found at the bottom of every email. (See our Email Privacy Policy (http://constantcontact.com/legal/privacy-statement) for details.) Emails are serviced by Constant Contact.

Sign up to stay in touch!

Sign up to get interesting news and updates delivered to your inbox.


By submitting this form, you are granting: PaymentFacilitator.com, 7741 S Glencoe Ct., Centennial, CO, 80122, permission to email you. You may unsubscribe via the link found at the bottom of every email. (See our Email Privacy Policy (http://constantcontact.com/legal/privacy-statement) for details.) Emails are serviced by Constant Contact.
Click here to go directly to the site
or wait 0 seconds
.