Does the End of Credit Card Signatures Put You at Greater Risk of Fraud?
Earlier this month, the four major payment providers in the United States – Mastercard, Visa, American Express and Discover – dropped the requirement to include a signature for card transactions.
CNET quoted a spokesperson from Mastercard: “It is the right time to eliminate an antiquated practice.”
It won’t end for everybody, however. “These outdated signature requirements are only abandoned for merchants who have updated their hardware to support chip and PIN technology,” said Scott Schober, cybersecurity expert and author of Hacked Again. Also, the end of the signature requirement is optional. Many merchants who do have the requisite technology will still likely ask you to sign your name until they embrace the change.
The question is, will the elimination of credit card signature put you at greater risk of fraud?
Signatures offer little protection
What does your credit card signature look like? Is it neat and legible or is it a scrawl that looks like you signed with your eyes closed? For most of us, our signature falls somewhere in between. And we tend to skew towards the illegible end of the spectrum for a couple of reasons:
- You’re in a hurry because you have somewhere else to be;
- There are other people waiting in line behind you, so you feel pressured finish your transaction quickly; or
- The merchant is trying to speed up each transaction because, “pausing for signatures noticeably slows things down at rush hour.”
When was the last time a merchant checked your signature against the one you are supposed to write on the back of your card?
In fact, there are those who don’t write anything that resembles a signature. Mark Malkoff, a comedian, writer, and filmmaker who worked for Comedy Central's The Colbert Report, produced a YouTube video that showed just how pointless it can be to sign for card purchases.
A story in the New York Times said, “Target plans to eliminate [the signature requirement] this month. Walmart considers signatures ‘worthless’ and has already stopped recording them on most transactions.”
Moreover, merchants and payments providers have been moving away from signatures for a while. CNET noted that more than, “75 percent of face-to-face transactions” using Visa cards in North America, “already don't require a signature, thanks to lower-value transactions.”
New technologies safer than signatures
The advent of EMV chip technology in has drastically reduced fraud in card-present transactions, or those where a card is physically present and inserted into a card reader. An EMV card generates a unique transaction code each time it is used in a card-present transaction. If a cybercriminal steals the code by illegally hacking into a company’s transaction data, it doesn’t matter because it can’t be used again. On the other hand, the more common magnetic strip, or card swipe, technology reads a static code that is the same for every transaction. That makes it much easier for a thief using a card skimmer to steal your card information and to create fraudulent, duplicate cards.
Schober said there has been a 70 percent drop in card-present fraud losses in the United States since cards incorporated EMV chip technology in 2011. A report on creditcards.com showed that card-present fraud losses reached a high of $3.6 billion in 2015 and are anticipated to fall to $1.8 billion this year.
Part of the reason, Schober said, is that, “EMV chips are significantly more secure than antiquated magstripe technology as they do not fall victim to card skimming and cloning.”
The New York Times explained: “The chips create unique codes for each transaction, making the cards much harder to copy. The chips … only took off in the United States three years ago, when the card networks began punishing merchants that still relied on the old card-swipe technology. At that point, signatures became largely irrelevant in resolving fraud claims.”
Card present, but not present
Although it represents a small percentage of overall payments, another payment method gaining ground is contactless payment, or digital wallet service. For this method, you enter your credit card information into a payment app such as Samsung Pay, Apple Pay, or Google Pay, which then generates a virtual card with unique card number and works similar to the EMV chip.
To make a payment, you hold your smartphone, smart watch, or other mobile device near the card reader. Although a card isn’t physically present, and your phone or watch doesn’t have to touch the machine, you still must activate the app on your device and be close enough to the card reader to make the payment.
Schober prefers contactless payment systems for their convenience and security. “These tap-and-go payments do not have any access to the credit card used nor do they store any of my transaction information that can be sold back to retailers and marketers,” he said.
Shift to card-not-present fraud
Because of the effectiveness of the EMV chip, thieves and criminals are turning their attention to online fraud. CNP fraud includes telephone, internet, and mail order transactions where you do not physically use your card or contactless payment system at the point of sale. A report by
US Payments Forum says the U.S., “leads the world with the highest percentage of e-commerce sales, with 77 percent of U.S. merchants selling online.”
Cybersecurity expert Schober warns that chip-enabled cards, “do nothing to prevent online theft. Since EMV cards now have wide scale acceptance throughout the U.S., CNP fraud is on the rise.”
Shop without fear
You can shop online without fear if you follow a few safe shopping tips:
- Be aware of fake websites and fraudulent store apps;
Also, use a credit card instead of a debit card, which offer benefits such as 24/7 fraud protection with no liability for unauthorized charges. Never mail cash or wire money to pay for telephone, online or mail order purchases.
Whether your signature is required to complete a transaction or not, you can reduce your risk of fraud and protect your finances by using the merchant’s chip reader when it’s available, and by following the online shopping tips above.
To stay on top of Nuvision alerts and information related to the risks of fraud and identity theft, financial and data protection, and cybersecurity, check our Fraud Protection blog or follow Nuvision on Facebook and Twitter to receive updates when new articles are published.