WASHINGTON (6/29/15)--EMV payment card technology represents an “important step forward,” said Federal Reserve Board Governor Jerome H. Powell, but security should not stop there.
Speaking at the Kansas City Federal Reserve Bank last week, Powell outlined his thoughts on safer payments systems.
“For many years, traditional authentication methods like signatures and static passwords have been used to verify that an individual is authorized to initiate a payment. New approaches to authentication increasingly offer greater assurance and protection,” he said. “Given the current technologies that we have at our disposal, we should assess the continued use of signatures as a means of authenticating card transactions.”
EMV (Europay/MasterCard/Visa) involves the use of chip-enabled payment cards and terminals. Powell said that stakeholders in the payments system should keep searching for new approaches to authentication.
“It is important to layer security tools and procedures. Methods to devalue payment data, like tokenization and encryption for data at rest, in use, and in transit, mitigate the effect of a data breach. Analytics can identify and prevent fraudulent transactions,” he said. “Firewalls and segmentation of technology supporting critical functions can protect networks from outside attacks.”
As previously reported in News Now, a recent study estimated less than a quarter of merchants will be EMV-ready by Oct. 1, the date when liability for card-present losses shifts to the entity with the least amount of security.
For more information on EMV, card management, and how the changes in liability impact your credit union, read our article EMV: The Chargeback Liability Shift and How It Impacts Credit Unions.