Sunday 23 October 2016 | RSS


    News in brief

    Kroger sues Visa over EMV authentication

    News in brief

    US supermarket chain Kroger has filed a lawsuit against Visa for allowing customers to verify EMV purchases with a signature instead of a PIN. “Kroger said the dispute began after it was informed by Visa that the configuration of its new terminals didn’t comply with Visa’s rules,” The Wall Street Journal reports. “Visa’s rules require merchants to allow customers to choose between a PIN and a signature verification.” Walmart also sued the payment network for its EMV signature authentication option in May 2016.

    Filed by Email Rian Boden Published • Last updated 28 June 2016, 14:07

    • Willam Hugh Murray, CISSP

      This is a very troubling area. The use of a PIN with magnetic stripe is dangerous for the consumer. In one transaction, the consumer exposes all of the information necessary to counterfeit a card and monetize it at an ATM.

      It would be safer in a chip-only world, where cloning a chip and counterfeiting a card is much more difficult.

      In today’s environment, where cards have both a chip and a mag stripe, it is a little much to expect the consumer to know when it is safe to use his PIN and when not.

      The second form of evidence, PIN or signature, protects the merchant in that narrow window between the time that a card is lost or stolen and the time that it is reported and revoked in the system. The issuers are responsible for fraudulent use in this window, only they know how much fraud might be reduced by the use of PIN in this window, and they are the one’s to make the choice.

      The exception to this is when the merchant elects to batch transactions rather than authenticate each in real-time.

      What am I missing?

    More headlines...