The U.S. was not an early adopter of chip-and-PIN credit cards, lagging behind major European countries and others. But more than a year after the official mandatory shift to this technology, the transition has reshaped most credit card transactions. As a result, the rate of credit card fraud is down sharply.

Catching Up With Chip-and-PIN Credit Cards

The compliance standard associated with these cards is known as Europay, MasterCard and Visa (EMV), after the card issuers that originally came up with it. The standard is now independently administered.

EMV became mandatory in the U.S. in October of 2015, at which point liability for fraudulent transactions using non-EMV cards shifted from banks to retailers. While most large retailers, which account for the majority of credit card sales, have adopted compliant card-reading technology, many smaller retailers have not yet shifted. That puts them at risk of fraud — and they could be left holding the bill for any monetary losses.

Chip-and-PIN credit cards contain a chip that communicates with EMV-capable card readers at the point of sale, generating a unique transaction code that makes fraud involving physical credit cards much more difficult.

The good news is that, a year after the shift in liability, chip-and-PIN credit cards are now widespread and used in most transactions. According to Arc, a study by MasterCard found that 88 percent of MasterCard-issued credit cards now contain the chips, and about 9 out of 10 cardholders use them. This represents a 38 percent increase since the new standard went into effect.

A Long Way to Go

Many retailers, however, continue to lag. MasterCard registered some 2 million EMV-compliant merchants, which represents about 33 percent of U.S. retailers. Some of the remaining two-thirds may not take MasterCard, but it’s clear that many retailers still have not adopted EMV-compliant card readers at their checkout stands.

That said, 1.3 million of the compliant merchants are described as “regional or local merchant locations,” representing a one-year increase of 159 percent. These merchants are making substantial progress toward compliance, even if they still have a long way to go.

The effect on fraud is striking. The level of fraud among compliant retail merchants is down by 54 percent, according to the MasterCard study. Meanwhile, the cost of fraud to noncompliant merchants increased by 77 percent in the period between April 2015 and April 2016.

As the reality of this divergence sinks in, retailers of all sizes will see a continuing incentive to adopt EMV technology to gain the full protection of chip-and-PIN credit cards.

Download the 2016 IBM X-Force Report on Security Trends in the Retail Industry

More from Fraud Protection

Kronos Malware Reemerges with Increased Functionality

6 min read - The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos is typically used to download other malware and has historically been used by threat actors to deliver different types of malware to victims. After remaining…

6 min read

How Security Teams Combat Disinformation and Misinformation

4 min read - “A lie can travel halfway around the world while the truth is still putting on its shoes.” That popular quote is often attributed to Mark Twain. But since we're talking about misinformation and disinformation, you’ll be unsurprised to learn Twain never said that at all. In fact, no one knows who first strung those words together, but the idea that truth spreads slowly while lies spread quickly is at least several hundred years old. The “Twain” quote also serves to…

4 min read

A View Into Web(View) Attacks in Android

9 min read - James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks to commit fraud, in Android-based financial malware this is a new trend. Traditionally, financial malware in Android uses overlay techniques to steal victims’ credentials. In 2022, IBM Security Trusteer researchers discovered a new trend in financial mobile malware that targets…

9 min read

New DOJ Team Focuses on Ransomware and Cryptocurrency Crime

4 min read - While no security officer would rely on this alone, it’s good to know the U.S. Department of Justice is increasing efforts to fight cyber crime. According to a recent address in Munich by Deputy Attorney General Lisa Monaco, new efforts will focus on ransomware and cryptocurrency incidents. This makes sense since the X-Force Threat Intelligence Index 2022 named ransomware as the top attack type in 2021. What exactly is the DOJ doing to improve policing of cryptocurrency and other cyber…

4 min read