A credit card’s magnetic stripe may have been cutting edge technology in the 1970s, but nowadays it’s a major point of vulnerability. Using illegal card readers, criminals are able to easily scan or copy the information kept on the card's stripe. If your credit card company has called to ask whether you bought a jumbo pack of marionette strings in El Paso, Texas recently, this may be because someone stole the info from your card's magnetic stripe.
To combat this kind of fraud, credit card companies have adapted EMV chips, the little tin-foil looking things on the fronts of new cards. Whereas a magnetic stripe is static when it comes to holding info, an EMV chip participates in every new transaction. When you pay for something, a cryptogram is produced and sent to the card issuer, who can authenticate you as the user. If a thief in El Paso tried to use a phony EMV-chipped card, the card issuer and bank would receive this info during the transaction itself, and his insidious marionette string purchase would likely be rejected on the spot.
“Even if the transaction data is obtained, it is much more difficult, if not completely useless, to attempt to replay that information and create fraudulent cards or transactions,” Seth Eisen, Senior Business Leader at MasterCard, tells mental_floss.
According to Eisen, 67 percent of U.S.-issued MasterCards have chips, and “an industry group has projected that 98 percent of cards issued in the U.S. would feature chips by the end of 2017.” Still, only about 1.2 million merchant locations in the U.S. have terminals that are capable of reading the chips. That's why you may have been told to insert your card chip-first at Trader Joe's even when the local Safeway asks you to swipe. Stores have to catch up, which is why, when it's time to get a new card, you’ll be receiving one with both an EMV chip and a magnetic stripe (at least for a while)—it's for backwards compatibility.
EMV stands for “Europay, MasterCard, and Visa,” the first companies to use the technology in Europe way back in the early 1990s. More banks and companies have hopped aboard, though the United States was unfashionably late to the party. Most credit card companies didn’t announce their plans to make the switch to EMV in the U.S. until 2012, and we’re still a ways away from every transaction being chip-based in the States.
And while EMV chips are effective against people committing credit card fraud in person, they are largely helpless when it comes to e-commerce transactions. As more and more purchases are being made online, criminals have learned to make the shift as well. According to a report from PYMNTS and Forter, online fraud attacks have increased 215 percent since 2015. The next time a thief wants to buy a jumbo pack of marionette strings with your credit card info, he'll likely do it from the comfort of his own home.