The voices calling for the U.S. to migrate to EMV have been growing louder over the past few months with Walmart, T-Mobile and even the Federal Reserve calling for or discussing the move. Meanwhile, just across the border, the United States’ close northern cousins in Canada have already taken the decision to make the move and are well underway in their migration to EMV.
Despite the fact that Canada is still in the early stages of migration, the country has already experienced some reduction in payment fraud levels. The Criminal Intelligence Service in Canada has just released a report which shows that in 2009, combined losses due to payment card fraud decreased from $512.2 million in 2008 to $500.7 million. A small fall, but a halt in the previously increasing figures never the less.
This reduction in fraud relates solely to credit card payments however. Losses due to debit card fraud spiked in 2009, increasing by 36% from $104.5 million in 2008 to $142.3 million. This discrepancy could be due to the fact that EMV has not yet been rolled out on debit cards to the same extent. Interac, the Canadian national debit card scheme has been slower to roll out EMV than the credit card schemes.
The transition to EMV chip cards in Canada will continue for at least a couple more years, so we should expect further declines in fraud such as skimming and counterfeiting activity at point-of-sale terminals and ATMs, particularly on debit cards as the standard is further adopted.
However, as we all know, criminals do not go away entirely but rather redirect their activity to a softer target. It is likely that, as the CISC suggests, there will be a “displacement of payment card fraud using Canadian card data to locations that have not implemented chip and pin, such as the U.S.”
Of course, EMV adoption is not the only measure needed to protect cardholders. Cardholder data still needs protection in the network and in storage to avoid its capture and use in fraudulent card not present transactions. As Canada continues its focus on payment fraud prevention the ever popular and growing online channel also needs focus. They should also look to roll out two-factor authentication for online transactions (as a number of UK banks have done) to ensure maximum security of payments regardless of channel.