Home » Featured » Currently Reading:

More Secure EMV Chip Readers Lacking at the Pump, Parking Meter, Metro Ticket Machines, ATMs, ETC.

June 12, 2019 Featured No Comments

Credit cards have changed a lot in my lifetime. The magnetic stripe didn’t appear on the backs of cards until the 80s. My first credit card, for department store Montgomery Ward, didn’t have a magnetic stripe at all. Before the magnetic stripe was days before merchants & banks learned of fraudulent sales.

In 1970, the credit card’s magnetic stripe had its first big test when it was rolled out in a joint pilot project by American Express, American Airlines and IBM at Chicago’s O’Hare Airport. IBM accepted the team’s recommendation to adopt the technology in 1973, and it rolled out bank cards and employee ID cards.

However, it wasn’t until 1980 that the price of the technology became acceptable to Visa and MasterCard, Svigals says. The original cards cost about $2 per card to produce, he says, but with economies of scale and improved production methods, they came down in price and cost less than 5 cents per card to produce just before MasterCard and Visa came on board.

Now a swipe of a credit card or debit card in an electronic reader sends the customer’s information to the bank that issued the card. The bank’s computers verify that the cardholder has sufficient credit or funds to cover the purchase and can either approve the request or decline — all within seconds. (CreditCards.com)

When I began working at Toys ‘R’ Us in 1983 we could swipe the card’s magnetic stripe to get an approval, but we still had to make an impression of the card to write the approval number on. All these impressions were guarded like cash, submitted daily with bank deposits.

Criminals got better at creating fake cards with stolen magnetic stripe information. Rather than wait for the government to step in, card issuers decided to switch to the EMV chip cards already in use in the rest of the world. This began almost 4 years ago:

Before October 1, 2015, any time a consumer’s credit card was duplicated and used for purchases, the bank would refund the fraudulent purchase to the store, with the understanding that the bank could have done more to prevent the fraudulent transaction from occurring. This created an incentive for the bank to verify the cardholder’s identity.

Starting October 1, 2015, that liability for fraud shifts from the bank to the store in cases where the bank has provided an EMV credit card but the store has not upgraded to an EMV terminal. The logic behind this is that the credit card issuer did everything in its power to protect the consumer, and the store ultimately dropped the ball, so to speak. This creates the incentive for both the bank and the store to upgrade to EMV — so the bank can avoid refunding fraudulent transactions and the store can avoid losing money on fraudulent transactions. If neither the credit card nor the store is EMV-ready, then the traditional liability rules apply. (NerdWallet)

It is important to note the end user isn’t responsible for fraud — this is a shift from bank to retailer accepting cards. Most stores have upgraded their equipment by now, longer deadlines were set for other transactions.  Pay at the pump, for example.  From December 2016:

Citing technological and regulatory challenges, Visa, MasterCard and American Express recently announced that the U.S. deadline for installing EMV (Europay, MasterCard and Visa) chip-card readers at automated fuel pumps has been extended to Oct.1, 2020 from Oct. 1, 2017.

More than 1.7 million merchants—or about one-third of all U.S. stores—now accept chip cards, and the nation has already seen a 43% reduction in counterfeit-card fraud among merchants using chip technology, according to Visa. However, selling fuel comes with a complex set of challenges, and gasoline retailers need more time to make the mandated upgrades.

Companies now have three more years to migrate from traditional magnetic stripe-based payment card scanners to chip readers before they would incur any financial liability for fraud perpetrated at the point of sale (POS).

The new liability shift deadline for gas pumps is a little over a year away. My husband pumps the gas in our car, but I’ve had him looking for EMV pumps for a couple of  years now. To our knowledge none exist in the St. Louis region.

One of St. Louis’ newest gas stations, ZOOM Gas on Tucker, doesn’t have an EMV chip reader. However, it is NFC enabled for mobile payment.

When shopping I prefer using ApplePay rather than a physical card, but I frequently have to get out my wallet to retrieve a physical card. When I do I hope there’s an EMV chip reader — I don’t trust magnetic stripe readers — these could contain a skimmer.

All our parking meters accept credit cards now, but none read the secure EMV chip.
I’ve yet to see an ATM with an EMV chip reader.
In Chicago this past weekend we ate one meal at a national chain — they’d taped over the EMV chip reader on the end of their equipment! Yes, I’ve complained to the company.
Metro’s ticket machines at MetroLink stations lack EMV chip readers.

Eventually our cards will no longer have the magnetic stripe and we’ll enter a PIN to verify transactions — like the rest of the world does.

While many of us are ready to go completely mobile, many prefer physical cards. Our POS infrastructure has to change with the EMV replacing magnetic stripe.

In the recent non-scientific Sunday Poll most correctly think the EMV is more secure than magnetic stripe.

Q: Agree or disagree: The magnetic strip on the back of credit/debit cards is just as secure as the new EMV chip.

  • Strongly agree: 1 [5.26%]
  • Agree: 0 [0%]
  • Somewhat agree: 0 [0%]
  • Neither agree or disagree: 1 [5.26%]
  • Somewhat disagree: 0 [0%]
  • Disagree: 6 [31.58%]
  • Strongly disagree: 9 [47.37%]
  • Unsure/No Answer: 2 [10.53%]

While I know I won’t be responsible for fraud, the lack of EMV readers at businesses tells me they don’t take issue of security seriously — I don’t like the hassle of getting replacement cards frequently.

— Steve Patterson


Comment on this Article:



Unable to display Facebook posts.
Show error

Error: (#10) This endpoint requires the 'manage_pages' permission or the 'Page Public Content Access' feature. Refer to https://developers.facebook.com/docs/apps/review/login-permissions#manage-pages and https://developers.facebook.com/docs/apps/review/feature#reference-PAGES_ACCESS for details.
Type: OAuthException
Code: 10
Please refer to our Error Message Reference.