Would NFC smartphones have helped at Target?

Matt Hamblen

Duncan said "there are many different views" on the way security works with EMV, which has meant the NRF won't take a position on the EMV standard "until there is more clarification."

Yankee NFC chart
Use of smartphones embedded with NFC technology for mobile payments is increasing, but still has a long way to go. (Source: Yankee Group)

Yankee analyst McKee said some payment card issuers have already begun the EMV rollout process in the U.S., but he conceded that EMV is not the magic bullet against fraud.

"I don't believe EMV would have prevented breaches like at Target and Neiman, but it certainly would have lessened the impact significantly," McKee said. "NFC-based payments on smartphones align very closely with EMV and would serve similar benefits [to PIN and chip cards]. Without question, chip-based payments, whether through a physical EMV card or an NFC-enabled smartphone, are considerably more secure than magnetic stripe transactions."

Banks and credit unions have made it clear that what happened at Target and Neiman Marcus could not have been avoided entirely had there been widespread use of EMV in the U.S.

"We shouldn't get hung up on a particular payment channel, whether it's a chip on a card or in a phone or software or using barcodes at Starbucks," said Michele Johnson, director of legislative affairs at the Credit Union National Association (CUNA). She said that before EMV smart cards can take hold in the U.S., there will probably be a need for a hybrid card with both a chip and a magnetic strip, so consumers can buy things at stores where smartcard terminals are not installed.

Updating consumer payment security will be "a very massive undertaking," Johnson added. "It's important to know that EMV would not have made that big of a difference at Target because a physical PIN and chip card doesn't address online fraud where a card is not present."

Rather than focus on a particular payment technology, the CUNA believes "there should be some level of responsibility for companies like Target [when there's fraud] and we want to see a credit security framework. We would like Congress to look at merchants and their responsibility," Johnson said.

McKee said the October 2015 EMV deadline will push wider adoption of NFC smartphones and payment terminals, although it's clear that Americans are still wedded to their old magnetic-stripe credit cards given what has so far been limited use of mobile payment service Google Wallet and Isis.

The pathway to better consumer credit security is unclear, politically charged and will probably involve Congress stepping in to act in some way. "There will never be a silver bullet to prevent fraud," McKee said. "Building a system so secure that it eliminates all fraud would render it unusable.".

Previous Page  1  2