Why credit-card hackers love America
If you live in America and use plastic to make purchases, chances are you've been alerted to fraudulent activity on your account.
America is now the favorite haunt of credit-card fraudsters, with a report from Barclays finding that 47 percent of all global card fraud affects cards issued to U.S. residents, even though the U.S. only represents 24 percent of card volume, according to Quartz. Barclays didn't immediately return a request for comment.
While some might suspect Americans have a target painted on the back of their credit cards because they live in a rich country, there's actually a technical issue that's attracting criminals. The U.S. lags other countries in its rollout of cards that are designed to stymie fraud. Most American credit cards still rely on magnetic strips, which are easy to copy, while Europe and other regions have moved forward with chip-and-pin cards, also known as EMV cards, which stands for Europay, MasterCard and Visa.
EMV cards include embedded microchips that store customer data, which is considered more secure because retailers and card processors don't store the card data in their systems. With magnetic strip cards, the card number is released to the retailer, which is why so many American retailers -- from Target (TGT) to Staples (SPLS) -- have been hit by hackers in the last few years.
The statistics on EMV adoption show a startling bifurcation between the U.S. and many other developed countries. In Europe, about 84 percent of cards are now EMV enabled, according to trade group EMVCo. The adoption rate in the U.S.? A measly 7.3 percent.
The impact on fraud on countries that have adopted EMV cards is startling, according to data in the Barclays report cited by Quartz. The U.K., which began adopting the new type of cards over a decade ago, has seen a 70 percent reduction in counterfeit fraud since then, the report said.
The good news for American credit-card holders is that the U.S. is shifting to EMV cards, albeit slowly. In October 2015, credit-card standards go into effect that will change how liability falls between credit-card issuers and retailers. EMV compliance won't be mandatory, but liability for fraud will become the problem of the party that hasn't upgraded their systems. That's prompting credit-card issuers to send out cards with EMV technology, while retailers are scrambling to get their systems ready.
Still, recent studies have found that retailers are behind in upgrading their systems, with consulting firm The Strawhecker Group predicting that only one-third of U.S. merchants will be ready for the new cards by the October deadline.
The EMV cards that Americans are now receiving aren't without their faults, however. They still include magnetic strips on the back, allowing stores that haven't upgraded their technology to continue to "swipe" the cards, for instance. Consumers who buy through online vendors still have to enter their card numbers, providing another option for fraud.
In the meantime, American consumers need to be diligent about checking their card statements and calling their banks if they notice unusual activity. About 90 percent of consumers fail to check their statements, or give them only a quick glance. Fraudsters, on the other hand, will likely continue to be hard at work until the U.S. migrates to EMV cards.