As consumers await their new EMV chip credit cards and tackle the learning curve that comes with new technology, scammers are taking advantage of the confusion.
The intent of the new card is to make shopping more secure, but scammers are luring consumers into providing personal information with phony emails.
The new cards include a chip that creates a new transaction ID every time it's swiped at a terminal. Since the ID changes every time, it's harder to make fraudulent charges. This isn't the case, however, for items bought over the phone or online.
With the roll out of the new cards underway, scammers posing as representatives from credit card companies email consumers to confirm their order for a new card. Consumers can confirm a new card by clicking a few links within the email or replying with personal information. The links install malware onto a consumer's computer and any personal information can be used to commit identity theft.
According to the Federal Trade Commission (FTC) there is no reason that your card issuer needs to contact you by email or phone to confirm a new card. Much like when an old card expires, a new one will be automatically sent to you. Links in emails shouldn't be trusted unless you type in the address yourself and see that the URL begins with https to signal a secure website. If you're still unsure if the email or call you received is a scam, contact your credit card provider using the number on the back of the card.
State Attorneys General Want Credit Card Companies to Provide PINs
As we discussed earlier, the new chip cards are supposed to make shopping more secure. But, several consumer advocates and state attorneys general believe the cards are missing a key element to make them even safer: a PIN.
In Europe, where chip-and-PIN cards have been used for quite some time, consumers are required to input a PIN when they make a purchase, much like one would do when paying with a debit card. The American versions of the card don't necessarily require a PIN, opting instead for the not-as-secure signature.
Some credit card issuers will provide a PIN, but they aren't obligated to. Credit card companies have said that requiring a PIN would add another burden to the consumer who has to remember the number. In a letter to major credit card companies, nine attorneys general rebuked this claim.
We believe any burdens will be minimal and justified by the dramatic security improvements offered by this technology. Many American consumers are already accustomed to using PINs in financial transactions, including those involving debit cards. Furthermore, a poll conducted in November 2014 indicated that American cardholders are supportive of chip and PIN technology.
The attorneys general are requesting that credit card companies make the PINS a required part of a transaction in order to better protect the consumer. Retailers, who could be on the hook for fraudulent transactions, are also in favor of including a PIN.