Shopping can be a confusing scenario these days.
When we walk into some retail stores like Target or Best Buy, we hear an increasingly familiar buzzer sound going off all around us, signaling customers with chip credit and debit cards that it's time to pull their cards out of the machines.
Yet, we then head into our neighborhood grocery store or dry cleaners and see tape over the insertion slot for chip cards, reminding us to swipe our cards, because the store has not yet implemented the new chip-reading technology, even though Target and Best Buy have had it for months.
What's going on? It's a puzzle that still surprises many financial experts.
It's been over six months since major credit card companies Visa and Mastercard announced a new policy that shifts responsibility for fraudulent purchases made with stolen credit cards into the hands of the retailers where the purchases were made — that is, unless the store has switched over to chip readers by the Oct. 1, 2015 deadline.
Banks have already sent customers all over the country replacement credit and debit cards that contain the new embedded chip technology. But experts are left saying, what good are they if the stores still aren't equipped to accept them?
Are chip credit, debit cards really more secure than swipe cards?
Chip cards utilize what is called EMV technology, or Europay/Mastercard/Visa technology, named after the three companies that set the new chip card standards. Every time the chip inside the card is activated during a transaction, it creates a new, unique transaction code to confirm the purchase and convey the cardholder's information to the store.
Swipe credit and debit cards use the same transaction code to confirm a purchase and relay cardholder information every time they are used. Therefore, it is much easier for criminals to skim that code and use it to make fraudulent purchases, experts say.
Experts say the integrated circuits in the chips are nearly impossible to duplicate.
Sounds good — but not all experts are convinced. Representatives from the FBI said chip card technology is not as perfect as it sounds.
“The new EMV chip cards were designed to help curtail credit card fraud; however, there are still vulnerabilities with these cards," a representative from the FBI's Criminal Investigative Division Financial Crime Section told The Washington Times.
What's taking so long for businesses to start accepting chip cards?
It’s a two-step process for a business to start accepting chip cards.
First, businesses have to install new card readers that allow customers to insert their card into a slot for the chip to be read. This alone can easily cost a business hundreds of thousands of dollars or more.
Secondly, once they have the new machines installed, they have to wait for officials from the credit card industry to come and certify the machines before they can begin being used.
Many companies are complaining that they have been waiting months for an official to come out and certify their machines.
A security expert with the National Retail Federation, told U.S. News & World Report, “The banks made a huge deal about setting a [Oct. 1] deadline, and then dropped the ball. All the card readers you see [in stores] are evidence that retailers have done their part."
Are chip card transactions really longer and more frustrating?
Many retailers have admitted they purposely waited until after the 2015 holiday shopping season to start the process of converting to chip readers, because they say the transactions take longer, especially for customers who are still getting used to how it works.
Whereas a customer can usually swipe their magnetic credit card in the reader, and within a second or two see that their transaction is processing, it takes a little longer with chip readers.
First of all, there can be confusion over when you are supposed to insert your card. If you insert it too soon, you have to remove it, and sometimes the transaction has to start all over again.
Once you do insert your chip card into the slot at the appropriate time, it takes longer for the system to read the chip and approve the transaction. Compared to around five seconds for swiped cards, it can take about 20 seconds for a chip card to process.
All in all, experts estimate that a chip card transaction takes a full 60 seconds longer than a swipe transaction. Bearing that in mind, it's easy to see why not many stores wanted to make the switch during the holiday shopping season.
The process is getting a little better as months go by, though, an employee with Discover Card told technology blog Gizmodo. Credit card companies are working with retailers to try and help speed up the process.
Are there still things consumers should be doing to protect themselves with chip cards?
Chip cards are a step in the right direction, but there are always ways consumers can increase their personal financial and identity-related security.
1) Sign up for alerts/notifications from your debit and credit card providers. Register your accounts online, and most companies offer a way you can opt to receive a text alert on your phone or an email whenever a transaction is made on your account. This way you find out immediately when a fraudulent transaction is made.
2) Change your passwords regularly with online retailer accounts. We all have sites we go back to again and again to purchase things from online, such as Amazon, Target.com and others. You should change your passwords at least four times a year.
3) Find out if your bank offers virtual card numbers, and ask for one. A virtual account number is a unique number you can use when shopping online to relay your personal and account information to the merchant, rather than typing it in. This helps shield your information from online hackers and prevents it from being stored within the merchant's system.
4) Review your card accounts regularly for suspicious activity. Do you review every transaction on your debit or credit accounts each month before paying the bill? You should. The sooner you catch fraud, the quicker you can minimize and correct any damage.
5) Stick to online retailers with secure sites. Simply look for the “s" in “https" at the front of the site's URL. If it doesn't include that extra “s" (which stands for “secure"), don't shop there.
6) Consider enrolling in an identity monitoring and restoration service such as LifeLock. If you ever have money stolen due to identity theft while a LifeLock member, a U.S.-based Identity Restoration Specialist from LifeLock will personally manage your case.