Examining Users’ Understanding of Security Failures in EMV Smart Card Payment Systems

Abstract

New credit cards containing Europay, MasterCard and Visa (EMV) chips for enhanced security, and for in-store purchases (rather than online purchases) have been adopted considerably in recent years. EMV supposedly protects the payment cards in such a way that the computer chips in a card referred to as chip-and-pin cards generate a unique one-time code each time the card is used. The one-time code is designed such that if it is copied or stolen from the merchant system or from the system terminal, it cannot be useful for creating a counterfeit copy of that card or counterfeit chip of the transaction. However, in spite of this design, EMV technology is not entirely foolproof from failure. This paper dis-cusses the issues, failures and fraudulent cases associated with EMV Chip-And-Card technology. The work also evaluates people’s understanding of these issues and the consequential precautions they take to safeguard their information while using the EMV cards for transactions.