Print 74 comment(s) - last by Rukkian.. on Feb 6 at 1:31 PM

Smartcards have tiny microprocessor chips instead of magnetic strips

Target was the victim of a major security breach over the holiday season last year, and as a result, the retail chain is calling for the implementation of smartcards. 

John J. Mulligan, chief financial officer and executive vice president for Target, wrote his company's case for smartcards in The Hill this week, saying that the business community in the U.S. needs to embrace the new technology together.

Smartcards, unlike current credit and debit cards used in the U.S., have a tiny microprocessor chip that encrypts the user's personal data shared with the merchant's sales terminals. Traditional credit and debit cards have a magnetic strip instead, which hold's the user's information, but can clearly be compromised. If a smartcard number is stolen, it's useless without the microchip. 

To show Target's dedication to the smartcard cause, it's speeding up its goal of bringing its REDcard smartcards to all Target stores by early 2015 -- six months earlier than its previous goal. The chain is making a $100 million investment in the technology to accomplish this goal.  

Mulligan also noted that the requirement of a four-digit PIN number with all smartcard transactions could further protect customer information. 


Target said other countries like Canada and the United Kingdom have already deployed smartcards, and that cases of lost or stolen cards have decreased since they've done so. However, the U.S. is slow to adopt the technology because the cards are expensive to produce, and merchants, issuers, banks and the networks haven't found a way to share the costs. 
"The reported attacks on Target and Neiman Marcus underline the need to do more," said Mulligan. "At Target, we know we have work to do. For years, we made significant investments in security. We had multiple layers of protection in place. But we still came under attack by sophisticated, global criminals. We will do everything we can to further strengthen Target's systems."
Target attempted to deploy chip-enabled cards around 10 years ago, but since it was the only retailer to do so on that scale, it failed. The cards were too expensive to produce, and since Target was the only one with such a card, customers couldn't use it elsewhere, making it inconvenient and a bit confusing. 
Target's breach ran from November 27 through December 15, where customer information like their names, card numbers, expiration dates and CVV verification codes were compromised. Around 40 million customers had their credit cards compromised and 70 million had their customer records stolen.

Source: The Hill

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Ummm...
By DNAgent on 2/4/2014 3:33:38 PM , Rating: 0
Right. Instead of requiring everyone to get new cards and merchants worldwide to roll out an entirely new system, how about merchants like Target just..oh I dunno...adequately protect and monitor their POS systems?

RE: Ummm...
By retrospooty on 2/4/2014 3:39:47 PM , Rating: 4
Actually, it wouldn't be worldwide, we are already behind in the US.

Any waiter at a restaurant can take your card info when you pay. Any order entry clerk at any online order fulfillment can get your code.

RE: Ummm...
By imaheadcase on 2/4/2014 4:18:55 PM , Rating: 3
The difference is its insured for such things so not a huge deal.

None of the smart cards can prevent the theft of using it online. Not only is target wasting its 100million investment, its wasting it on the wrong technology needed.

RE: Ummm...
By lagomorpha on 2/5/2014 1:26:22 PM , Rating: 1
None of the smart cards can prevent the theft of using it online

Here's an idea: put a USB port on the smart card. Then when you want to buy something online instead of typing in your card number you plug the card into a USB port, the credit card company sends a message to your computer which gets signed by the card which verifies you have your actual card and activates the sale.

That way you can make online transactions without your card's information ever leaving the card itself.

RE: Ummm...
By Cargan Ricman on 2/5/2014 2:03:57 AM , Rating: 2
Chip+Pin is a 100% effective defense against the evil waiter attack.

RE: Ummm...
By krotchy on 2/4/2014 3:41:56 PM , Rating: 5
If you have traveled internationally in the last 5 years you would realize that the US is pretty much one of the last Countries still using the magnetic stripe on credit cards.

Last time I was in the UK, Mexico, Holland and a few other countries, they could only process my swipe card by pulling out a old dusty processor from the back room. Everyone had a Chip+Pin card.

RE: Ummm...
By RapidDissent on 2/4/2014 4:10:26 PM , Rating: 2
This is pathetic considering I've been to stores which still use imprinters and carbon sales slips. With the taxes phone lines pay to proliferate telephone infrastructure to rural America, there is ZERO reason not to be using a network enabled card reader in the 21st century.

RE: Ummm...
By retrospooty on 2/4/2014 5:31:41 PM , Rating: 2
"Last time I was in the UK, Mexico, Holland and a few other countries, they could only process my swipe card by pulling out a old dusty processor from the back room. Everyone had a Chip+Pin card."

Exactly... We are really behind here in the US. Not that any system is 100% foolproof, but in the US, any waiter at any restaurant can write down your info when they take your card to pay and go buy anything with it...

RE: Ummm...
By Murloc on 2/5/2014 7:30:25 AM , Rating: 2
I've never seen a credit card without the chip in my life.

In the rest of the world it's everywhere, the magnetic strip-only cards are alive only in the US.

"Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine." -- Bill Gates
Related Articles

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki