PCI Community Meeting - EMV Chip Update

September 10, 2014, Michael Matteo, Regional Sales Manager

Randy Vanderhoof, Executive Director, EMV Migration Forum (EMF), presented the EMV Chip Update today at Day Two of the PCI Community Meeting.  The session provided attendees with insights into the EMV chip migration process in the U.S. and how this impacts PCI security efforts. Additionally, we were given an excellent historical view of EMV from a worldwide perspective as well as the preparations that have been underway in the United States for the past several years. 
 
The adaptation of EMV in the United States has been particularly challenging for the following reasons:

  • No one wants to bet on a singular solution
  • The U.S. has the largest number of issuers and acquirers in the world
  • Shopper behaviors are changing: the way they make purchases (e.g., mobile payments, web-based payments, etc.) continue to evolve as technologies improve
  • Debit transactions presented a unique challenge due to the number of key players and bringing everyone together on a unified solution
    • 13-16 Debit Networks with their own solutions/platforms
    • Durbin Amendment implications
  • Realizing the U.S. had $5.33 billion in fraud last year alone (2013), it represents a very small number when compared to the amount of transactions processed overall through the network

But being late to the game is not always a bad thing:

  • We have the opportunity to learn from looking at the worldwide rollout of EMV – both successes and failures
  • It  has allowed us to incorporate newer and evolving payment solutions
  • Key players across the pond and in Canada (Barclays, etc.) have built infrastructure in the United States to assist with rollout and full support
    • POS machines, cards, chips and the like have been designed and tested according to specs and lessons learned
  • We understand that EMV will not eliminate fraud; it’s an evolution in the process to mitigate fraud across an ever-evolving payment landscape

An impressive fact that was discussed during this breakout session was that there are already two billion EMV cards in consumers’ wallets worldwide; the U.S. will bring another billion online – this means that many consumers and merchants already possess the capabilities.
 
EMV isn’t the magic bullet that many think it is; however, it is another important layer of protection for cardholder data that when used in conjunction with PCI standards, helps create a more secure payment system.

Michael Matteo

Author

Michael Matteo — Regional Sales Manager

Recent Posts

Post Topics

Archives

Tags

2.0 3.0 access Accounting Agency AICPA Assessment assessments ASV audit AWS AWS Certified Cloud Practitioner AWS Certs AWS Summit bitcoin Black Hat Black Hat 2017 blockchain Blueborne Breach BSides BSidesLV Burp BYOD California Consumer Privacy Act careers CCPA Chertoff cloud CoalfireOne Compliance credit cards C-Store Cyber cyber attacks Cyber Engineering cyber incident Cyber Risk cyber threats cyberchrime cyberinsurance cybersecurity danger Dangers Data DDoS DevOps DFARS DFARS 7012 diacap diarmf Digital Forensics DoD DRG DSS e-banking Ed Education encryption engineering ePHI Equifax Europe EU-US Privacy Shield federal FedRAMP financial services FISMA Foglight forensics Gartner Report GDPR Google Cloud NEXT '18 government GRC hack hacker hacking Halloween Health Healthcare heartbleed Higher Higher Education HIMSS HIPAA HITECH HITRUST HITRUST CSF Horror Incident Response interview IoT ISO IT JAB JSON keylogging Kubernetes Vulnerability labs LAN law firms leadership legal legislation merchant mobile NESA News NH-ISAC NIST NIST 800-171 NIST SP 800-171 NotPetya NRF NYCCR O365 OCR of P2PE PA DSS PA-DSS password passwords Payments PCI PCI DSS penetration Penetration Testing pentesting Petya/NotPetya PHI Phishing Phising policy POODLE PowerShell Presidential Executive Order Privacy program Ransomware Retail Risk RSA RSA 2019 Safe Harbor Scanning Scans scary security security. SOC SOC 2 social social engineering Spectre Splunk Spooky Spraying Attack SSAE State Stories Story test Testing theft Virtualization Visa vulnerability Vulnerability management web Wifi wireless women XSS