The chip and PIN system is designed to make it more difficult for criminals to cash in on credit card fraud. The magnetic stripe system used in the United States only requires a signature to authenticate a purchase. This allows criminals who get their hands on victims' credit cards to start making purchases immediately, potentially charging up thousands of dollars before the card is canceled. More enterprising thieves can also use information gained by Internet hacking or skimming -- secretly swiping a victim's card on a card reader -- to "clone" copies of victims' cards.
Chip and PIN aims to make it more difficult for wannabe criminals to make fraudulent purchases by either of these methods.
"It's very difficult if not impossible to clone the (chip and PIN) card," says Andi Coleman, a member of the Accredited Standards Committee X9, which determines standards for the financial industry in the U.S. "If you steal the card out of someone's wallet, you have to know the PIN in order to be able to use the card in a transaction."
These built-in barriers to fraud have had a measurable impact on the types of in-store credit card fraud chip and PIN was designed to prevent. Total losses from such fraud fell from 218.8 million pounds ($356.5 million) in 2004 to 98.5 million pounds ($160.5 million) in 2008, according to statistics from the U.K. Payments Administration.
British credit card issuers sing the praises of the system. "Having a chip and a PIN method of identification and authentication is more secure than the magnetic stripe and the signature, so that's a benefit for both retailers and cardholders," says Mark Bowerman, a spokesman for Financial Fraud Action U.K., an affiliate of U.K. Payments Administration, an industry trade group.
Other benefits cited by Bowerman: Fewer paper receipts mean savings in processing costs for banks and retailers, and quicker transactions, on average, than conventional "swipe and sign" systems.
"It's more of a tangible benefit for retailers," says Bowerman, "because quicker transaction times mean shorter queues."
The greatest beneficiaries of chip and PIN, though, are the card issuers.
"(Chip and PIN's) main attraction to banks is the 'liability shift,' which is precluded in the U.S. by Regulation E," wrote Ross Anderson, a professor of security engineering at the University of Cambridge, in an e-mail. "This shift means that disputed transactions will be blamed on the customer if a PIN was used and the merchant otherwise. Thus, in theory, the bank would never again be liable. In practice it has not worked. You can't have a secure system if one party guards it and another party pays the cost of failure."
This "liability shift" has been a "good incentive" for merchants to adopt chip and PIN, says Bowerman. Such a shift isn't possible in the U.S. because of rules set up under the Electronic Fund Transfer Act of 1978, says Steven J. Murdoch, Ph.D., a security researcher at Cambridge University. This is probably good news for U.S. consumers: Murdoch says that since the standard was fully adopted, it's been next to impossible for British consumers to recover money stolen in fraud.
"The banks get to effectively make up their own rules, and the rule they've chosen is that if your PIN is used, then you must have been negligent about protecting your PIN, therefore you're liable for the fraud," says Murdoch.
And because the loser pays legal fees in the British system, Murdoch says, few consumers risk a lawsuit that can end up costing many times the amount they've lost to fraud.
Who foots the bill for fraud is a big part of why the chip and PIN system was put in place in the U.K., said Anderson.
What's my motivation?
The other bill is for adopting chip and PIN. For American card issuers, the cost of implementing the new system may be prohibitive, says Coleman.
"The cost to produce and distribute a card to a customer is under $2. The cost to make and distribute a chip card to a customer is between $15 and $20," says Coleman. "If you take 30-plus-million debit card customers and multiply that out times $15 to $20 per person, you have to have a really significant fraud to be able to offset that cost."
Tax laws governing fraud losses and the way the industry is structured also diminish issuers' motivation to invest in expensive new technology, says Frank Abagnale, a secure document consultant in Washington, D.C.
"Because they're allowed to take a 50 percent tax write-off (on fraud losses) and in most cases take the other 50 percent and pass it on to the consumer and merchant through increased fees and service charges, they are basically not that concerned about doing anything about it," says Abagnale.
And don't expect retailers to be too eager to pay for a switch either, he says.
"You're telling the merchant that they have to buy a new machine," says Abagnale. "They've already purchased this one machine for $450. If you're a Kroger store or a Safeway or someone, and you have thousands of these machines, they're telling you now to go get a new machine."
Because U.S. laws put most of the onus for paying for fraud on card issuers rather than retailers, says Abagnale, retailers have little incentive to make the steep investment required to implement the change.
Criminals work around chip and PIN
But high cost and legal differences aren't the only reasons we probably won't see chip and PIN on our shores for a while, if ever. In the last few years, flaws in the system that threaten to erode security gains have been exposed.
"It certainly is harder to commit fraud with a chip and PIN system in place," says Murdoch. "But that doesn't mean that criminals will just give up and go take up gardening or flower arranging. They'll probably go and try to find a different kind of fraud, and they might be equally successful at that, and that's what we've seen in the U.K."
While in-store fraud has declined, losses from fraud involving transactions via phone and Internet, also known as "card-not-present" transactions, have exploded, going from 122.1 million pounds ($198.9 million) in 2003 to 328.4 million pounds ($535 million) in 2008. Losses from fraud conducted overseas using British consumers' credit accounts increased 249 percent since 2004, according to statistics from the U.K. Payments Administration.
"The fraud rates have just shifted," says Coleman. "Chip and PIN didn't really eliminate fraud, it just moved where the fraud happens from a card-present transaction to a card-not-present transaction."
Part of the trouble is that chip and PIN cards still have magnetic stripes as a secondary method for making purchases, leaving retailers open to the same kind of cloning and stolen card schemes perpetrated before the advent of the system.
But expecting chip and PIN to eliminate fraud is unrealistic, says Abagnale. While in the U.K. for an interview in 2006, Abagnale experienced firsthand the furor caused by the first security breach of the system. Men in coveralls had gone to several Shell gas stations claiming that the machines were broken and needed servicing. The clerks agreed and stood there while the men modified the machines to steal customers' credit card information, much to the chagrin of U.K. consumers who had been assured of the new system's safety.
For Abagnale, the story underscores an axiom of security experts: "No matter what you develop, there's going to be someone who's going to find a way around it."
"The whole purpose behind all these technologies is to make it more difficult so that (thieves) will go somewhere else and you eliminate the amateurs," says Abagnale.
And that sort of incremental and ephemeral benefit may not be enough to justify the cost to issuers, businesses and consumers of bringing the system to U.S. shores.
If you're heading overseas, you'll most likely be able to use your American-issued mag-stripe card. Some travelers report that ticket kiosks at train stations or gas stations don't accept non-chip and PIN cards. So before you travel, be sure to plan ahead to purchase tickets or have cash to pay for gas.
At retail stores or restaurants, ask the merchant to swipe your card even if he says he can't accept it. Chances are it will work just fine.