Safer Ways to Pay

Here’s a quick multiple-choice quiz for you:

You’re at the checkout counter. When the cashier totals your bill, you:

1. Open your wallet and hand over a few bills and some change.
2. Whip out your checkbook and a pen, ignoring the sigh of the person in line behind you.
3. Swipe a debit or credit card.
4. Tap a button on your smartphone.

It’s likely that more of you fall into categories 3 and 4 than ever before. Very simply, the way we pay for goods and services is changing. For a lot of people, electrons are in, and paper is out. It’s all about convenience.

But, there’s a price to pay for that convenience: potential exposure to cyberthieves. That’s especially true in this country when it comes to credit cards. In 2012, the United States accounted for nearly a quarter (23.5 percent) of the world’s payment card volume – and nearly half (47.3 percent) of the world’s payment-card fraud, according to Nilson Reports. In 2013, payment-card fraud in the U.S. rose to more than half (51 percent) of the world’s volume. Retailers like Target, Home Depot, Kmart and scores of others have fallen victim to payment-system breaches, potentially exposing the private financial information of millions of shoppers.

At USAA, we’ve already replaced hundreds of thousands of credit cards of members affected by these and other breaches.

Why are American consumers particularly vulnerable? Debit- and credit-cards in the United States primarily use magnetic-stripe technology rather than the more secure “chip card” standard prevalent in Europe and elsewhere since 2004. The Europay, Mastercard and Visa (EMV) standard relies on cards that are embedded with a microprocessor chip containing payment account information. Unlike mag-stripe cards, each EMV transaction is approved using a unique authentication code that can’t be used again.

Two recent developments in digital payment technology promise to promote convenience while also lowering security risks.

The first is that the EMV “chip card” standard is gaining traction in America. By October 2015, liability for payment-card fraud losses shifts to the party – issuer or merchant – with the weakest, non-EMV security link. Merchants who have been reluctant to pay for upgrading their point-of-sale systems will have a strong incentive to switch to EMV. If not, it becomes a “pay now or pay later” model.

As more and more terminals become available to read chip cards, American banks will be converting their debit and credit cards to EMV. USAA began rolling out its EMV cards this fall and expects to be fully converted by early 2016.

While merchants are upgrading their point-of-sale systems, they are also considering incorporating a second emerging payment technology: Near-Field Communications (NFC). ApplePay and Google Wallet are two NFC applications that let shoppers pay for purchases by simply holiding their mobile devices near wireless readers.

NFC applications can be inherently more secure because they don’t make account numbers and identities visible. To process a purchase using ApplePay, a unique token is sent along with a dynamic, encrypted code – rather than your full account number or any personal information.

Apple and Google are busy enrolling new merchants and banks to join their systems – a Herculean task. At the launch of ApplePay, for instance, 120,000 point-of sale terminals out of 12 million terminals in the U.S. were signed up for ApplePay. On the banking side of the equation, USAA is one of several major banks to join ApplePay this fall.

Quick, easy, secure and accepted: all elements necessary for pay-by-smartphone and EMV payment-card technologies to reach critical mass. What does all this mean for all of us at the checkout counter? It means we can look forward to a wider choice of safer, faster and more convenient ways to pay.