When the primary method of processing a transaction doesn’t work, what happens? Typically, if a magnetic strip card swipe is unsuccessful, it is manually keyed into the terminal. This method of falling back was used before the security of chip card technology was available. Fraudsters with fake credit card information target places of business that do not have EMV compliant equipment.
For amateur crooks, it is often expensive to steal a credit card number and create a magnetic strip. Instead, fraudsters use a piece of plastic that looks like a credit card i.e. a gift card and use this as a template. The number on the front of the card is changed and embossed. The crook comes into a store with the recently created fake card, attempts to make a purchase, the cashier swipes the magnetic strip unsuccessfully, the card number must then be keyed it into the terminal in order to process the transaction. The method of keying in a payment, is the fall back process.
Chip card technology was designed to eliminate the fall back process. Credit card terminals and cards are now both equipped to handle a chip. Chip to chip compatibility is what makes a transaction secure. Fraudsters seek out businesses with a terminal that is not upgraded to be chip compliant. Non EMV compliant terminals are easily spotted, typically seen with a piece of plastic or tape placed over the chip card reader of the terminal. Covering chip card readers forces transactions to use the fall back method of keying information into the system. Fraudsters steal chip cards and damage the chips, for use at establishments with non EMV compliant terminals.
Businesses equipped with non-chip capable terminals or terminals with a piece of tape over the chip reader are prime targets for fraudsters. This flags merchants as easy fraud targets. If a chip to chip transaction is unsuccessfully run, merchants should immediately ask for a second form of payment. If a business decides to fall back to the magnetic strip, they must understand that receiving the funds is at risk. There are forums solely dedicated to keeping directories of stores that have non-compliant terminals on the dark web. The dark web is a network where criminals can access sensitive information while remaining anonymous.
To help prevent penalties, chargeback fees and loss of merchandise, business owners are encouraged to update equipment. The importance of EMV compliancy cannot be stressed enough. If you don’t have a compliant terminal, find out how TouchSuite can help.
This blog is made available by TouchSuite for educational purposes and to provide general information about certain topics but does not provide professional advice. The blog should not be used as a substitute for seeking professional advice in your state. TouchSuite assumes no responsibility for errors or omissions in the contents on the blog.