Wal-Mart’s executive in charge of payments thinks the United States’ switch to chip-based credit cards is going to be a disappointment.
The new “chip & signature” program is barely an improvement on security and fraud, said Mike Cook, Wal-Mart’s assistant treasurer and a senior vice president, at this week’s Electronic Transaction Association’s Transact conference in San Francisco. Cook said Wal-Mart would have preferred a “chip and PIN” system that Europe and Africa have, since PINs would protect cards from being stolen.
“The fact that we didn’t go to PIN is such a joke,” Cook told CNNMoney.
Cook said signatures on checks were sufficient 100 years ago, but they’re outdated today. PINs on debit cards were a major improvement to stop thieves decades ago. They’d do the same for credit cards — which is why banks should use them for all cards.
“Signature is worthless as a form of authentication,” Cook said during a presentation at the conference. “If you look at the Target and Home Depot breaches … not a single PIN debit card needed to be reissued in those breaches. The card number was worthless to the individual thief and fraudsters, because they didn’t know the PIN.”
This comes from a company that’s been adamant about adopting technology to stop fraud. Wal-Mart has been ahead of the curve — more so than any other U.S. retailer. It started installing EMV-capable payment terminals at its stores eight years ago, and they’re already active today. That means you can dip a chip-enabled card there, a safer way to pay than swiping.
Retailers in general have been critical of the U.S. banking industry’s decision to avoid PINs on credit cards, calling it a half-step in the right direction.
The United Kingdom, for example, implemented chip-and-PIN and saw a dramatic decrease in fraud stemming from counterfeit cards and stolen cards. By using chips alone, the American upgrade would only cut down on counterfeiting.
However, both companies leading this upgrade — Visa and MasterCard — note that counterfeiting makes up the vast majority of credit card fraud anyway. So, they’re tackling the biggest problem currently hurting banks and annoying shoppers, who keep getting reissued cards.
Banks don’t want to add a PIN to your credit card for other reasons too. Banks fight to be your most frequently used card. A PIN-required card might annoy you enough to make you relegate it to second place. No bank wants to be card number two — even if it’s safer, said Martin Ferenczi, a top executive at one of the world’s largest card makers, Oberthur Technologies.
Also, it’s expensive. Attaching PINs to credit cards is an extra batch of data running along the credit card network. That tiny addition requires a multi-billion dollar software upgrade at credit card companies, banks, makers of payment terminals and merchants, experts say.
Besides, better technology has already come around, like Apple Pay and Samsung Pay, tap-to-pay features that use your phone. They hide your credit card number from retailers, and they use unique one-time codes that are useless to hackers and thieves. Banks hope these will become main payment methods in just a few years.
“We don’t see a need for it,” said Visa vice president of risk products Stephanie Ericksen. “[Chip-and-PIN] will have a shorter shelf life. We’re moving to new technologies and innovation.”