EMV or eCommerce: Are security efforts in the right place?

Data shows EMV use was minimal in POS transactions during the holidays, but online transactions rose.

Regardless of the deadlines and fines, studies show that a majority of retailers didn’t even have their chip card terminals turned on during the holiday shopping season. One can only conclude that retailers wanted to stick to what they were used to, valuing efficiency over security.

A study conducted by Consumer World revealed that “although virtually all of the 48 national and regional chains queried have installed checkout terminals with chip card technology, most of them didn’t work. Only 11 chains of the 48 accept chip cards chain-wide.”

This means that the shoppers at 37 national and regional chains were still vulnerable to credit card fraud and the retailers at risk for fines as the retailers continued to use the more vulnerable magnetic stripe transaction method.

While point-of-sale security was minimal, eCommerce transactions soared

As we ponder the risk-reward decision of many retailers to stick with the magnetic stripe transactions, it’s important to take a look at the shopping results from the online world:

  • Cyber Monday reached $2.28 billion in desktop online spending, up 12 percent versus year ago, representing the heaviest online spending day in history and the first day of the 2015 season to surpass $2 billion in sales.
  • Total digital spend on Cyber Monday, when inclusive of comScore’s preliminary mobile commerce estimates, reached $3.118 billion, a 21-percent annual gain vs. $2.586 billion spent on Cyber Monday 2014. This marks the first time in history that total digital spend surpassed the $3 billion milestone in a single day. Mobile commerce is estimated to have accounted for 27 percent of total digital commerce on Cyber Monday 2015, with $838 million spent via smartphones and tablets. With online shopping increasingly easier for customers as more options are available to them, it’s not difficult to see that this trend will continue to rise.


Payment security strategies to address the future

This data shows that banks should be looking at payment security with two questions in mind: 1. How will our future strategies cope with the significant volume increase for card-not-present (CNP) transactions over the next few years? and 2. What if the majority of that volume comes from mobile devices?

Banks and merchants need to make sure their payment strategies take into consideration the future of cybercrime, rather than react to fraud or other security breaches. A proactive approach will take collaboration (merchants, issuers, Payment Service Providers) and sharing of data in order to innovate before the fraudsters even have the chance. That is the only way we’ll be able to find and maintain the balance between security and customer experience.

Shopping volumes continue to surpass our expectations year over year. The shift from retail to e-commerce continues at a rapid pace with no signs of decline, creating both opportunities and problems for merchants and issuers alike.

With the changes that we’re seeing, the strategies that we’ve been successfully deploying up until now are unlikely to be the strategies that keep us competitive in the future. The slow migration to EMV will push more online transactions due to the natural human behavior of yearning for the most convenient shopping experience.

But with more online transactions come more fraud attacks. And with mobile entering the picture, we must be sure that our strategies include the most innovative technologies to support our fight.

For more information or material that may help with the EMV Migration or related material, please visit ca.com/payment-security.

Mitchell Muro is based out of CA Technologies’ Santa Clara office in California and is…



Insights from the app driven world
Subscribe Now >
The Sociology of Software >How (Not) to Lie with Data Visualization >DevOps and Cloud Computing: Exploiting the Synergy for Business Advantage >