Portals and Rails, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Portals and Rails and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
July 19, 2010
Soccer balls and payment cards: A push for global standards
I am generally not a soccer fan but over the past few weeks I found myself curiously engaged in that nationalistic spectacle called the World Cup. Despite my general disinterest in low-scoring games and Oscar-quality performances by slightly injured players, I got caught up in the intensity of play and extraordinary skill levels displayed by these world class athletes. Then one day a debate erupted regarding standards. Apparently, soccer balls are not standardized and the one being used seemed hard and "skitterish." How bizarre!
Of course, my thoughts immediately turned to a more consequential global-standards issue taking place in the payments card world—the debate about the United States' reliance on the magnetic-stripe card standard as opposed to the chip-and-pin standard being adopted throughout the world, including in neighboring Canada.
Chip-and-pin technology has been deployed in Europe over the last decade as a means of reducing fraud by using the enhanced capabilities of a computer chip embedded in the plastic card to store and manage customer authentication data. Its success has been widely documented in recent fraud studies. This standard has been implemented using a specification called EMV, an acronym of Eurocard, MasterCard, and VISA, the original founders of the standard. In fact, EMV is now a corporation whose ownership has been expanded to include JCB (a Japanese card company) and American Express. So, what's the big deal? We survived the soccer ball dispute, so can't we survive the fact that the United States is not on board with the emerging global payments card standard? The answer may be a resounding "No!"
Various reports from payments research firms such as AITE have suggested that as many as 10 million U.S. travelers experienced difficulties with incompatible card technologies when traveling abroad during the past year. I learned some time ago that the least expensive and most secure way to acquire cash overseas is from an ATM machine. I now foresee a time when I will have to ask a European hotel concierge for the location of an American ATM (one capable of reading mag stripes), only to find out the nearest one is two miles away.
So why doesn't the United States adopt the emerging global standard? While there are many technological and political issues in play, the bottom line is that the overall cost of deployment to the U.S. payments system as a whole, and to merchants specifically, is a staggering number made even more daunting by the current state of the economy and available investment dollars. The Smartcard Alliance estimates that as many as six million merchant terminal devices may need to be replaced or upgraded to embrace chip-and-pin technology, with the bulk of the cost falling on the shoulders of merchants. Consequently, we are left to assume that we are likely to have to travel a long and winding road to migrate to the emerging global standard.
This observation is not in itself calamitous since past roads to worldwide standards are littered with the relics of failure (remember the push to implement the metric system?), but the stakes here are considerably higher in two important ways. First, we may become the only substantial economic power dependent on a payments standard that is less secure than that of the rest of the world. That means that criminals, intent on profiting from card fraud, will continue to migrate to the United States in growing numbers. The second issue is that chip-and-pin technology is a critical element in progressing toward an even more secure and visionary goal—the deployment of mobile phone-based payments capabilities using a chip embedded in the phone. Industry conference agendas are crowded with sessions describing the way a smartphone can be waved near or tapped against a merchant terminal device using radio wave-based near-field communications (NFC) technology to capture the customer's payment credentials. Chips embedded in the phone, coupled with applications loaded on the phone from card-issuing banks, will create the effect of a "mobile wallet" that promises to be more convenient and, yes, more secure than what we use today.
So what should we do about this mess of the United States being out of step with respect to payments card technology? I would suggest that this issue could eventually reach the public policy level. Perhaps it is time for policymakers to consider whether migrating to an increasingly adopted world standard is in our best national interest. After all, we just mandated a move to digital television. While this change facilitated my ability to watch the World Cup in high definition, it cannot possibly be of the same importance as this brewing card issue. If we want to mitigate the possibility of the United States being a center of card fraud and enable our consumers and business folks to travel abroad more easily, it may be time to charge someone in government with developing a well-thought-out, participatory, multi-year plan to move this country to the emerging global payments card standard.
By Rich Oliver, executive vice president, FRB Atlanta's Retail Payments Risk Forum
TrackBack URL for this entry:
Listed below are links to blogs that reference Soccer balls and payment cards: A push for global standards:
- What’s Unsettled in Faster Payments?
- Consumer Prepaid Protections May Be Catching Up with Prepaid Use
- Virtual Currency Environment Still Fluid after Latest Rulings
- ISO 20022 in the United States: What, When, Why, and How?
- Let's Talk Tokens, Part III: What Problem Does Tokenization Solve?
- Mobile Biometrics: Ready or Not, Here They Come
- Starting Off on the Right Note with Mobile Enrollment
- Let's Talk Token, Part II: Distinguishing Attributes
- New ACH Return Rate Threshold on the Horizon
- Let’s Talk Token: Authenticating Payments
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- account takeovers
- ATM fraud
- bank supervision
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workplace fraud