UPDATE: IT expert says US could have safer credit/debit cards - WKOW 27: Madison, WI Breaking News, Weather and Sports

UPDATE: UW-Madison IT expert says US could have safer credit/debit cards


MADISON (WKOW) -- As America continues to deal with the Target cyber-security breach that compromised the financial information of 40 million people, several IT security experts are pointing out that the technology exists to avoid such problems.

Nicholas Davis, a systems security specialist with the UW-Madison's Department of Information Technology (DoIT), is one such expert.  He tells 27 News most other industrialized nations employed something known as "smart card" technology for financial transactions years ago. 

Smart cards, widely used by banks and merchants in Europe and Asia, are credit or debit cards that contain a computerized chip that requires the user to submit a pin number each time they make a transaction.

"When you deal with a smart card and you've got the chip on it, when you are authenticating - meaning you are indeed who you claim to be during that transaction - the microprocessor on the card is actually verifying your pin and the retailer, such as Target, never actually sees your pin, handles it or verifies it in any way," said Davis.

If that technology were in place in the United States, a breach exposing millions of credit card numbers wouldn't do the same type of harm as it does now, because the criminals obtaining those numbers wouldn't have the pin information that goes along with them.  That means they couldn't use them.

"You have to have something that you know, that secret pin number known only to you, so that would be impossible for somebody else to fake, making it much stronger," said Davis.

Some credit cards in the United States now have chips, but only require a signature to verify.

"When I sign something, how do you really know it was me, unless you've seen my signature 100 times before?," asked Davis.  "So, somebody can easily fake that signature and nobody in the store is going to know."

Davis says cost and lack of convenience are the biggest reasons banks in the United States haven't switched over to smart card technology yet.

"Anytime you add security to any type of system you do make it somewhat more difficult for the end user.  And I think there is fear among the financial institutions in our country, that if we start adding pin numbers, if we start making people slide cards into a new type of reader, that might diminish the amount of credit card transactions that are taking place," said Davis.

Greg Neumann will have more on this story on 27 News at 5 and 6.

Powered by Frankly