Connect with us

Hi, what are you looking for?


Mobile & Wireless

Will the U.S. be Able to Fend Off the EMV Card Standard Invasion? Probably Not for Long.

EMV Chip Credit CardAs they say…”Old habits die hard.” It’s ironic that Americans are still using traditional magnetic strip payment cards more than 15 years after chip and PIN digital technology, also known as EMV smart car

EMV Chip Credit CardAs they say…”Old habits die hard.” It’s ironic that Americans are still using traditional magnetic strip payment cards more than 15 years after chip and PIN digital technology, also known as EMV smart card, first hit the market in Europe. We continue to rely upon the 50-year old magnetic stripe (aka mag-strip) technology allowing organized crime to easily skim information directly from the cards with simple card reading devices purchased online for less than $100. Over the past few years, computer hackers have managed to access and exploit a rich supply of mag-strip information, from several leading retailers and a credit card processor, to successfully ratchet some high profile thefts. However, the ever mounting cardholder data fraud (over $8.6 billion in 2008, according to Aite Group’s study) and the emergence of new non-traditional payment technologies, such as contactless and mobile payments, seem to be pressuring merchants and card issuers in the United States to consider migrating to EMV-ready cards and POS (point of sale) architecture.

Why EMV?

EMV-enabled cards, the shortened name of the card created by its original creators Europay, MasterCard, and Visa, use an embedded microchip and a personal identification number (PIN) to validate the card, the consumer, and the payment transaction instead of a cardholder’s signature. The chip and PIN cards use dynamic data to provide greater security to credit card transactions. According to EMVco, the EMV standards body, there are currently more than 1 billion (yes, with the “B”) EMV-enabled cards in circulation with a 36% annual adoption rate being accepted in more than 22 countries around the world.

EMV Chip Growth

Looking at the EMV adoption map, the chip and PIN payment technology is fast becoming the leading global card payment standard. Even our two neighbors North and South of the border – Canada and Mexico – are in the process of migrating to chip and PIN cards to become EMV compliant. (Sidebar, this will leave the U.S. in a potentially risky situation, sandwiched in between two more secure credit card environments, and it is thought that we could become the new playground for credit card fraud.)

Consider the following advantages of EMV-enabled cards:

• More secure against payment card fraud than the current mag-stripe cards with data encoded in a magnetic stripe on the back of the card

• Offers enhanced cardholder verification methods (e.g. a unique PIN combination)

• Stores and maintains significantly more information than mag-stripe cards; adding additional layers to help authenticate the card and prevent fraudulent transactions

Advertisement. Scroll to continue reading.

• A transaction-unique digital signature in the microchip proves its authenticity in an offline environment and prevents criminals from using fraudulent payment cards

• Protects cardholders, merchants and card issuers against online transaction fraud through a transaction-unique online cryptogram

Why is the U.S. Resisting EMV?

There are two opposing camps in the political fight of EMV’s US adoption. On one side, there are multi-national merchants desiring to reduce credit card fraud and annual costs associated with card acceptance. On the other side, issuers and other financial institutions are less than enthusiastic about the thought of changing the status quo from existing mag-stripe payments. Their resistance to change stems primarily from two main reasons: the cost of migration to EMV and profitable revenues associated with the current interchange fees.

According to, there are 608 million cards held by U.S. consumers, with an average of 3.5 cards per consumer that would have to be re-issued and replaced with EMV-enabled cards. Change to the current U.S. payment infrastructure is neither simple nor inexpensive and would require close to $12.7 billion (according to an Aite Group Report “Encryption: The Best of an Imperfect Bunch) to migrate to the EMV architecture. Who would shoulder most of the cost? Most likely, merchants would be burdened with the majority of the cost. Obviously, this would likely produce pushback from smaller more price sensitive merchants that would be impacted by the costs associated with implementing new technology.

So Will EMV Come to the U.S.?

The migration to EMV in the U.S. is inevitable. We can anticipate that there will continue to be a strong push to migrate to a new chip and PIN payment architecture in the United States \ fueled by multi-national merchants who have seen fraud/chargeback benefits from implementations in other parts of the world. The migration will be neither fast nor inexpensive, requiring a hefty investment in new technology and new processes. Both merchants and consumers will need to continue to build a compelling business case for migration to chip and PIN cards in order to convince issuers and acquirers to change the payment infrastructure that is currently in place. The pace of the migration will depend upon further growth in new EMV card markets, adoption of new technologies, and applications that provide consumer and merchant benefits.

How long will it be before a major U.S. issuer puts its EMV cards in circulation is anyone’s guess… but then, “Rome wasn’t built in a day either.”

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.