Despite its age, the EMV payment card standard has stood the test of time due to its constant evolution. Each EMV update has resulted in greater security, yet fraudsters have remained undeterred in their efforts to find workarounds. And with the final major bastion of magnetic-stripe cards finally converting, fraudsters will be more motivated than ever to break the standard.
What to Look For
Growing pains associated with the continued EMV rollout at merchants and issuers will continue to contribute to missteps that open the door to spoofed EMV transactions. Working around improvements to data authentication, fraudsters have proven that they can manipulate the authorization process by physically altering the card. Learning from this success, evolutions of this scheme will appear across markets. Criminals will continue to attack the tamper-resistant EMV chip, forcing major industry stakeholders to innovate. This will include the provisioning of tokens to EMV-enabled chip cards similar to that of the EMVCo standard used by Apple Pay, further intertwining the fates of EMV and mobile proximity payments.
Key Business Considerations: What Does It Mean?
- Process implementation: Early-stage efforts to upgrade their authorization processes to accommodate EMV have exposed processors and issuers to fraud.
- Product integrity: The EMV chip is a tamper-resistant microprocessor, but with similar hardware technology powering mobile payments, criminals will be more motivated than ever to crack it.
- Transaction authorization: The EMV authorization process also forms the basis of many mobile proximity payment schemes, further motivating fraudsters to find vulnerabilities in both.