Why EMV?

Why does the world care about EMV? The first, second and third reason is about stemming fraud losses. While there are some reduced operational costs via the decrease and automation of customer disputes, these are relatively minimal. People also point to the exciting potential of new, value-added products such as loyalty schemes, online banking two-factor authentication and national identification, but EMV’s impressive reduction of fraud losses dwarfs the benefits of these products. Case in point: from 2001-2010, UK card fraud dropped by about 50% with EMV smartcards.

EMV security suppresses fraud by attacking it from two fronts – detecting counterfeit cards and verifying the card holder. As the U.S. embarks on its path to EMV adoption, anybody involved with the transition will need to understand Card Authentication Method (CAM) and Customer Verification Method (CVM). To ensure a card’s authenticity, cryptographic capability on the card supports CAM where each EMV card is issued with its own set of keys specific to the card, rather than the portfolio or bin range. Through cryptography, the technology can roll in elements of the transaction so that the card cannot be skimmed, copied and then replayed in another transaction. In Canada, detection of counterfeit cards is so reliable that Canadian issuers “whitelist” EMV chip-on-chip transactions, whereby they virtually ignore these transactions with the confidence that they are authentic. Getting these transactions out of their cross systems eliminates the “white noise” and allows them to hone in on the fraud that is taking place on more suspect transactions.

CVM comes into play to verify that the card holder is the actual card holder. The card issuer sets up the verification parameters, which can range from online PIN, offline PIN, signature if there is no pinpad to contactless tap and go. How effective is this? In the UK, 50% of card fraud losses in 1999 were comprised of lost/stolen and mail non-receipt issues; with EMV in full swing in 2009, these two types of fraud accounted for only 13% of card fraud.

According to the UK Payments Administration: Fraud Facts 2010, the U.S. was the destination of choice for U.K. fraud abroad from 2006-2009 by two to three times more than the next fraud migration recipient. With the U.S. finally setting the stage to roll out EMV, it will no longer be theworld’s easy target for fraudsters and the global weak link in terms of card fraud.