EMV Chip Card Technology Leaves the Job Undone

The following is a guest editorial written by Michael Boukadakis, the founder and CEO of Enacomm, a leading provider of intelligent customer interactions technology.

EMV chipOnce upon a time, any enterprising hotwiring thief on the street could drive off with a new sports car with some quick handiwork – car keys did not always contain chips that act like passwords to individual cars’ computers. Since 1995, all new vehicles have been required to come with transponder or intelligent “chip” keys. This year, the financial industry embraces its own chip technology with the Fraud Liability Shift date of October 2015, when retailers will be held accountable for security breaches involving “EMV” (Europay, MasterCard, and Visa) chip-enabled cards if using a payment terminal that cannot read these high-tech wielding pieces of plastic. According to the Aite Group, 70 percent of US credit cards and 41 percent of US debit cards will be EMV chip-enabled by the end of 2015. All retailers—from big box to mom-and-pop stores—will need to upgrade to payment terminals that can verify the validity of these new cards with EMV chips.

Embedded computer chips make EMV cards far more difficult to clone, yet it is important to understand that financial institutions, retailers and consumers will still be left vulnerable, because counterfeit cards only account for about 37 percent of credit card fraud, and card fraud itself is just one piece of the larger fraud pie. In addition to security issues with stolen chip cards and card not present transactions, such as an online purchase where a payment card is not physically handed over, fraudsters break into online bank accounts and hijack high-risk transactions. While chip technology will go a long way to thwart false reproduction of credit, debit and prepaid cards using stolen information, chip technology falls short in protecting against the full spectrum of financial fraud.

Federal Financial Institutions Examination Council (FFIEC) guidance recommends and sometimes mandates the use of multi-layered, dynamic forms of customer authentication, versus archaic, static methods. Passwords, PINs and invariable security questions—formerly the go-to security methods—are easily compromised and can be added to the list of cracks in the defense against financial identity fraud.

Voice biometrics, on the other hand, is a proven method of identification that is perfect for multi-layered authentication systems. Used by government intelligence agencies worldwide, voice biometrics technology is even more reliable than fingerprinting. By conducting sophisticated analysis of hundreds of voice characteristics, a bank, credit union or prepaid company can accurately identify and authenticate a customer in real-time.

While PINs and other authentication data can be breached, a person’s voice cannot be compromised or stolen. Fraudsters can forget any ideas to gain unauthorized account access with others’ voice recordings or “replays”. Next-generation technology can request words, numbers and phrases in random order, rendering recordings and even stolen voice prints useless.

Whether faced with brute force attacks, credential sharing, hacking, Phishing, Vhishing, credential resets, Internet searches or social engineering, voice authentication harnessing biometrics offers better defense than traditional methods of identity verification—and there’s nothing for the customer to remember or lose. The technology is supremely reliable with a 99.99 percent success rate.

Voice authentication technology can identify a customer’s voice in the middle of a noisy sports arena, a construction zone or on a public bus by separating the background noise from the voice print. It works in any language and with any regional accent. Even if someone has gone hoarse or is speaking with a lowered voice, biometrics technology can authenticate a person via his or her spoken words in real-time.

Fraud, identity theft and security breaches have increasingly infiltrated America. Fortunately, harnessing voice authentication to foil fraudsters is simple. No core integration and no IT staff is required, and adding the technology to new or existing IVR, mobile application and or call center systems is turnkey. Using multiple authentication channels, customers’ identities can be confirmed using inbound or outbound calling, texts or a mobile web browser. And when a customer dials the call center, for example, he or she can be authenticated while on the line.

Biometrics authentication technology has improved along with the underlying communications channels, reducing the cost of a single authentication to pennies per instance. Its value is underscored by the $18 billion that fraudsters stole from consumers in 2013, according to Javelin Strategy & Research.

Thanks in large part to chip technology, the estimated number of motor vehicle thefts has declined 43.5 percent since 2004, according to the FBI. But the financial industry faces different challenges than the auto industry, and chip-enabled cards are not enough. Voice biometrics technology is just starting to take hold in the auto industry, but banks, credit unions and prepaid companies can easily deploy the technology now on a widespread scale to help finish the job in the fight against fraud.

March 24, 2015 – by Michael Boukadakis