Study: ID Fraud Up Since Security Chips Put Into Play

By Brooke Rogers | CBS11 News

Follow CBSDFW.COM: Facebook | Twitter

DALLAS (CBSDFW.COM) – It’s a tiny chip that elicits big opinions.

Meant to protect customers from credit card fraud, most cards now have security chips, and many businesses bought the chip readers to go with it. But more than a year after they became common place, research shows that identity theft is actually up.

“With all the credit card hacking and privacy invasion, I think it’s a fantastic idea,” said one consumer.

Not so, said another. “It holds you up. It’s annoying.”

Consumers and businesses switched to the chip-based cards and readers 16 months ago to deter theft. But a study released this week from Javelin Strategy and Research found that identity fraud cases rose 16 percent in 2016, which equates to 15.4 million new victims – a record high. Lane Conner, founder and CEO of credit card processor Fuze said the chip rollout was bungled from the start, in part because it was supposed to require a pin – not just a signature.

“The real security was supposed to be the pin and actually putting your pin in when you actually dip the card,” he said. “A bad guy could just as easily steal your wallet, go and dip a credit card into a machine and sign for it like they’re you as you could swiping a card.

He also said the increase in e-commerce is to blame, since online shopping offers virtually no credit card protection. For business owner kory helfman of ken’s man’s shop, the spike in fraud cases is concerning.

“It scares me as a business owner, not only for our store but also for our clientele. No one wants to come under any kind of fraud,” he said.

But overall Conner is comfortable with the protection the chip readers gives. And that’s a good thing given the chip is here to stay.

“As badly as it was done, the ship has sailed on ever going back to swiping cards,” said Conner.

(©2017 CBS Local Media, a division of CBS Radio Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.)

Comments

One Comment

  1. Carl Quick says:

    Ha, ha, … they say chip is for security, but chip is really for tracking and databasing your life.
    Stick with cash, or you’ll soon find very high insurance rates due to your eating and lifestyle habits attracting too much attention at the insurance company. Wall Street journal reported in 2005 that this was already happening back then.

    1. Have you ever wondered why some retail outlets have a minimum threshold on purchases made with a credit card?

      Well it’s because of the fees that the credit card companies charge the retailer to use the product. Those fees are not for operating costs, they get that floating the credit money for profit. No, those fees pay for the rewards consumers get back for using the credit card. For large corporate businesses it’s not a problem because the volume of their sales makes that fee negligible item and a cost of business. For the mom and pop retailer however it’s a serious cost to doing business.

      So the next time some retailer tells you of a minimum purchase for a credit card now you understand. If they didn’t have that minimum amount and sold you things below that minimum they might have just given you the item for free as there was no profit in the sale. No profits from sales no business. No business means you have to go somewhere else to purchase the things you need.

    2. Bubba Bubbas says:

      HEY CARL…Whether you use the chip or swipe they still get your info. So, the chip adds nothing new. It was supposed to be implemented with a pin which provides security. No one checks to see if the signatures match anymore.

  2. Inserting a card vs inserting and swiping the same card is not added security. And yes, your credit card number is right on the front of the card and so is all the other data you need to order online. This was never going to improve anything as you have to enter this data ONLINE manually to order it, which means you need to be able to READ it off your card. The only security element is when a website requires your billing address, as that is not on the card. BUT once you’ve entered that at any major retailer online – Home Depot, Target, and even the FEDs, for example, they just get hacked and the bad guys have EVERYTHING they need – including your SSN. A chip is not stopping anything…

    1. They always ask for the security# on the back of the card, so you need the actual card to order online. Also, you need to have a billing address and that cannot be a PO Box, thus the thief has to wait at your mailbox to get his booty.

      1. Actually they can get the CSV number also upon you entering into a compromised computer. Also Amazon lets you setup a different delivery address than where your card is registered too. What I did was get rid of every credit card I have except for one, and that’s what I use for online orders. I also activated the web access for it and I check the charges every couple weeks or so. I just caught the CLEAR machine at the Airport actually tried to charge me $179 for using it, and it said it was free, but like anything else, if they get your card number and say its free, its going to try and charge you at a later date hoping you wont see the charge. Credit card fraud has become huge huge business , even for supposed legitimate business like CLEAR machines at the airport.

    2. The chip stops thieves from cloning credit cards. It also prevents dishonest employees from swiping your card thru their cheap card readers that they buy from Radio Shack or wherever.

    3. Years ago before the magnetic strip I was on an engineering team to develop it. It didn’t take long for me to see the security problems with it but, properly managed it was a safe card to use, Much safer than the cards with chips in them today. It also didn’t take me very long to learn how to hack the cards and change the pin code, which is not verified by the bank but is verified by the card itself. I learned now to read the pin code from the card and how to change it. I also learned how to change everything on the card and even clone the card with my own special pin code so that I could use it with an ATM or non-attentive cashier.

      Fast forward several decades and introduce the chip. Sounds good but as a development engineer that used the same chip for different purposes, I quickly found out the secrets of the chip, developed for the tracking of animals, and how to read it from a distance of over 35 feet using consumer off the shelf hardware and software, how to modify the pin code which is stored by the chip and how to clone the card.

      Now I didn’t do all of this for the credit card companies but I did collect a bunch of expired cards from friends, family and co-workers to use those chips in a test environment to develop the product the chips were to be use in. One was for the buried cable industry. Those chips were implanted in the insulation and the information on them told the reader who owned the cable and where it went to. Really handy information when you are a road crew digging in the utility right of way where other cables are buried.

      The other product was one for our military to use on the pets inside of military housing. That device looked like a small shotgun and told the user who the dog or other chipped animal belonged to so that they could contact the military member and have it removed back to military housing instead of wandering all over the base.

      Still, the chips we used to develop this technology are the same chips you see in credit cards today. When you slip it into a reader there is roughly 64 thousand bytes of data that gets transferred with your name, address, credit card number, and, so they can start profiling you for advertisement. your last purchases and the amount of those purchases.

      Some will say, “Oh, but I keep my card stored in this little Mylar envelope so I’m good.” Not so. I can sit over 35 feet away from you and with some very simple easy to conceal equipment can read that card completely in the time it takes you to extract the card from the envelope and place it into the card reader.

      Needless to say, the chips on my cards no longer function. As an engineer I know how to shut them down. If they can’t read the magnetic strip, I either pay in cash or go without the product. But if you feel confident that your credit card is secure, go ahead and use the one you have with the chip inside. I simply am telling you what I have learned about these chips and why I don’t use them. What you do is your own business.

      Now if course if you ask your credit card company if their chipped cards are safe, you know they will tell you yes even if they are not. Why? Because that’s how they make their money. It’s all about money isn’t it? . .

    4. For Bruce Johnson
      “They always ask for the security# on the back of the card, so you need the actual card to order online. Also, you need to have a billing address and that cannot be a PO Box, thus the thief has to wait at your mailbox to get his booty.”

      Sorry to burst your bubble but you are incorrect. They don’t always ask for the security # on the back of the card. I know because I have purchased items on my credit card over the phone and was not asked. They also ship to a PO Box and the PO Box can be the billing address as well.

      I know that, again from purchasing items with my credit card on line or over the phone and get my products through my PO Box that is also the billing address for my credit card.

      So while the perception is that they always do these things is negated by the fact that they don’t always do it. Sorry but those are the real facts based solely on past experience.

  3. Actually I stopped using chip cards and now use cow chips. Thery’re easy to find across the street from me and don’t jelly up the cow chip reader and people behind me only complain about the smell. They work better if you let them dry, plus you might find some mushrooms growing around them.

  4. They fail to determine/reveal whether the increase in fraud is due to the new chip/reader format or a rush by fraudsters to take advantage of the old format before the new one is prevalent. A half-assed “report” is about as valuable to readers as full-blown fake news.

  5. The real risk of these “chips” is that they are RFID which is broadcasting into the air and can be read by any RFID reader over the air. Best protection is to get an RFID shielded wallet or the RFID blocker card you can carry in your wallet as well

  6. My boyfriend asks now and then to pick up a carton of cigarettes – I don’t smoke so I *always* pay cash for these so it doesn’t get “reported” to my health insurance company. I think we should be able to demand what information is and has been reported to our health insurance – I’ll bet we would be shocked at how little privacy we actually have

  7. Makes me wonder if the chips and readers were all a scam to increase profits for the manufacturers. Reminds me of the CFL bulb and auto air-conditioning scams. Whenever there is a major change (that is forced on the consumer) someone, somewhere is going to make money off of it.

  8. I switched back to cash after my credit card and debit card numbers got hacked and 100’s were charged to them. Havent had one single theft yet of any of my cash. Cash is quicker and much much more secure. You have to physically take it from me and I am in Texas so good luck!

    But what I love most about cash, no debt, and it works 100% of the time, even if the credit card machine or computer is down. Go figure huh?

  9. Typical government fail, particularly Obama’s government.
    It takes longer.
    It makes it less likely to have a clerk check ID.
    It can be scanned from a distance.
    It is more expensive to make.
    It requires more expensive equipment to use.
    It fails in it’s primary mission.
    “But the intentions were good!!”

  10. Steve Hollar says:

    So in reality, people have a false sense of security because of the all mighty chip. So now they can be real stupid and the chip will take care of them. Surprise. It does not work that way. You still have to be responsible.

  11. We all know it is not more secure What they dont want you to know, the real reason for the Chip is to condition people. The Chip they care about is the one they want to put into everybody and control their health info, money, Credit and so on and so on. Lets see how many idiots allow that to happen.

  12. I’m so sick of “we can’t go back”…NOT ALL PROGRESS IS GOOD PROGRESS

  13. a giant asteroid is looking better and better

  14. Jack Riley says:

    Pin for every transaction is needed. Signing does not work.

  15. My Capital One card requires a pin regardless if debit or credit is chosen so a thief could not just swipe my card an use it. The guy at the bank said that there is no functional difference between credit and debit transactions on my account and there is no fee for either choice.

  16. There’s a huge difference from ID theft and credit card fraud and data that’s stolen from data centers. There’s PINS, DUMPS and CVV2’s, CVV’s are used to order stuff online. ID theft is where I would use someone elses name, birth date and SSN to obtain goods and services. DUMPS and PINS (the data) is encoded to any PVC card and used an ATM Dumps are encoded to a credit card and used at a retail store. seems like this story just pumps all that into (identity theft) and identity theft is not the same as CC fraud or using the data to buy goods or steal cash from an ATM, wen it can be charged back. (identity theft) there is no charge back, it’s the most egregious of crimes when I was active in the carding scene.
    . I was even interviewed by wired.com

Comments are closed.

More From CBS Dallas / Fort Worth

Drip Pan: CBS Local App
Drip Pan: Weather App

Listen Live