Major consumer credit card breaches at Target and Neiman Marcus have turned new attention on efforts to upgrade U.S. banks and retailers to a credit card standard that's combating fraud across the globe: by adding a $1.50 chip to credit cards to pump up the security of our transactions.
Retailers, banks and regulators have worked to make these chip cards, called Europay MasterCard Visa, or EMV, cards, take a foothold in Europe and Asia. Relatively low fraud rates in the United States made it less urgent to use the chips in the U.S. market. But America's slow adoption of the chips had a drawback: It helped make U.S. consumers more vulnerable as fraud targets. Now there's a new push to get U.S. vendors to update their systems.
Here's a look at how these cards work from The Washington Post's Todd Lindeman, along with more charts showing how the chip cards have reduced the rate of credit card fraud around the world, making the United States a potentially bigger target.
(For a fuller look at U.S. efforts to roll out EMV cards, check out our story in Tuesday's Business section.)
As for the latest breach, security firm IntelCrawler said that the 17-year-old hacker it identified as the author of the malware -- called KARTOXA -- that affected the payment systems for retailers such as Target and Neiman Marcus is part of a group. The firm, which last week identified a Russian teenager nicknamed “reet4” as the malicious software’s author, said Monday that it has now identified a second man who sells this software on underground markets. The firm said the two are part of a group with roots in St. Petersburg.
In an e-mail to The Post, IntelCrawler chief executive Andrew Komarov said that the firm has found online chats with "reet4" selling the program for $2,000 per transaction.