Security Flaw in Credit Card Chip System Revealed


Payment technology company firm NCR has discovered a new security flaw in the upgrade in the credit card chip system in the United States.

At the recent Black Hat computer security conference in Las Vegas, computer security researchers unveiled how they had found a way to bypass the chip’s security features, according to CNN.

A card will still have the magnetic strip attached to it so that they can still be used to purchase goods and services from a merchant that has yet to upgrade to EMV-enabled terminals.

However, according to CNN, the computer security researchers showed attendees how thieves are able to simply rewrite the magnetic stripe code so that it appears to act like a chipless card. This means that thieves are capable of counterfeiting, which is what they were doing before cards were issued with chips.

This flaw in the system could, essentially, keep merchants from upgrading their payment systems.

According to CNN, retailers could end up spending millions of dollars to transfer over to EMV and still not protect their customers. Not only that but the makers of the payment terminals keep producing machines where encryption is not by default.

That means that if the merchants are unaware of the requirement for encryption, they may think that the cost of upgrading to EMV, which can cost as much as $600, isn’t worth it.

In the U.S., fraud is reported to have cost retailers around $32 billion in 2014, an increase from $23 billion in 2013.

Featured image from Shutterstock.