Fraudulent US ATM withdrawals on the rise - Javelin

Am I or am I not surprised?  And I bet the the answer is going to be that we need more security around the PIN and the protection of the PIN.  Hogwash and Piffle!  

With the widespread use of PIN-protected POS transactions, PINs are now very easy for the fraudster to harvest.  In Chipland this is of little consequence as the strength of the consumer payment proposition lies with the card and not with the PIN.  The weakness in the US is a result of card technology that 9-year olds can compromise in their bedrooms.  It's all too easy: I have the card details, I have the PIN, I have all of your money.  In Chipland, this just isn't the case: even if I have the PIN, without the REAL card, capable of generating a real ARQC, I can't do a thing.

The bottom line is that regardless of the security measures that we might impose to protect cardholder data, the truth is that the card data remains in the clear and valuable - and vulnerable! 

Why is it that we seem to be selling security as a remedy for stupidity?

Chip and PIN - Resistance is Futile, You will comply.

Yes, crunch time for a centralised US decision on Chip and PIN implementation must be getting closer.  Until they adopt it the pain is going to get worse......................isn't it nice having something that Europe can agree on?

This research adds further weight to the argument that non-EMV compliant regions will become ever more vulnerable to fraud as criminals desert those parts of the world that have already implemented the EMV standard. With their neighbours migrating to EMV over the next couple of years, arguably the US could be shooting itself in the foot by avoiding the short term challenges that migration would incur.

Currently, US banks are putting off migration due to a number of factors, not least the cost involved in upgrading POS terminals and ATMs such as new software platforms required to facilitate integration with EMV kernels and new EMV transaction message types. Moreover, banks will also need to consider the long term changes to ATM maintenance as they will need to implement extensive automated testing procedures to ensure ATM uptime is maintained following EMV migration. As a result, the US is deploying interim measures against skimming which are clearly meeting with limited success.

The costs involved with EMV will be more than outweighed by the benefits. Experience from countries such as the UK and Saudi Arabia has shown that they must seriously consider migrating to Chip and PIN and getting rid of the magnetic stripe card if they are to make significant headway in the fight against card fraud. Clearly the time for action is now if US banks are to maintain customer trust, reduce the cost of fraud and avoid singling themselves out as an easy target for fraudsters.