Credit cards that claim to be safer may not be

FORT MYERS, Fla. – In 2014, tens of millions Americans had their credit card numbers compromised, after hackers broke into several stores’ databases including Target, Home Depot and Michaels.

However, banks across the U.S. are offering new credit cards, known as ‘chip and signature,’ that claim to offer more protection. The formal name for the card is EMV or Europay, Mastercard and Visa. In Europe, the cards have been used for at least a decade.

The EMV cards have a small chip, typically in the upper, left-hand corner of the card. That chip holds all the card’s information. When a consumer uses the card, they put it into an EMV reader. In Europe, a consumer must have a PIN to use the card. In a sense, that PIN unlocks all the information in the chip, so a transaction can be processed.

However, there are two differences between the EMV cards being distributed in the U.S. and the ones used in Europe. In the U.S., most banks offering the EMV cards are not offering a PIN. Instead, the consumer puts the card in a terminal and signs for the transaction.

John Benkert, a cyber security expert and CEO of CPR Tools, Inc, said without the PIN, the consumer is not as protected.

“The way they’re selling it is we’re giving you the chip, we’re giving you the technology, [but] we’re not using it,” Benkert said. “They’re blaming it on the American consumer saying they’re lazy, they don’t want to have to remember a PIN and it’s not easy for them, it’s easier to sign. But if you’re like me, I typically don’t sign the back of my credit cards anyway, I never have. I expect that store teller or person taking my credit card is going to ask me to see an ID, so they can verify my signature and that happens probably 5 percent of the time.”

In addition, the banks are still putting the black, magnetic stripe on the back of the EMV cards because not every retailer has a terminal that can read the card. However, Benkert said that defeats the purpose of the chip.

To prove his point, Benkert used a skimmer that anyone can purchase for $30. He asked a WINK News producer to use her new ‘chip and signature’ card and swiped the card. Within seconds, the skimmer pulled up all the card’s information on the computer.

“It’s scary and it’s something that the technology is there, the technology has been there for years to fix it. It all comes down to the dollar and most major banks and credit card companies don’t want to spend the money that it will take to do the right thing.”

Bank’s Response

WINK News contacted Citi and Bank of America, just some of the companies offering the ‘chip and signature’ card.

We asked Citi if they had a response to Benkert’s claims. They sent the below response.

“Today, all new Citi Branded credit card accounts are issued with chip technology (we are using chip and signature technology). We have been on a path to migrate our Citi-branded consumer credit cards to chip for the past several years. More than 10 million Citi MasterCard and Visa accounts have been issued with an EMV card. For the majority of our credit card customers, if they wish to request a chip-enabled card they can make the request online or by calling Customer Service. Citi will begin issuing consumer debit cards with EMV in 2015.”

Bank of America’s statement is also below.

“Our consumer credit cards are chip and signature, which provides a more consistent customer experience, enabling them to use their cards as they do today. The counterfeit protection is within the chip, not how consumer verify (PIN or signature). ”