Chip-and-PIN cards were introduced in order to reduce the level of fraud on credit cards. The argument is that without the PIN your card cannot be used. However, many bank customers have found that their cards are still being used fraudulently and the only difference now is that they have to argue with the bank which can claim that the customer must have compromised the PIN.
The truth is that it is very easy for a criminal to override the chip-and-PIN protection. Walter Volker, CEO of the Payment Association of SA says that as chip and PIN was a new technology and the banks wanted customers not to be inconvenienced during the early adoption period, the system allows the payment device to default to the card’s magnetic stripe.
If there is no chip, then the payment device, such as an ATM, assumes the chip is damaged and defaults to magnetic stripe. This means that a card that has been cloned — in other words, the mag stripe has been copied and a fake card created — can be used even if the original card was chip-enabled.
Volker says that soon this loophole will be closed, which means that if a chip is damaged, a customer will not be able to withdraw money and will have to request a new card.
The only way to protect yourself is to sign up for your bank’s SMS notification programme so you are notified every time a transaction takes place. If your card is used fraudulently, the bank can only hold you liable if the payment device read the chip and did not default to the magnetic stripe — so make sure you get the bank to produce all the facts.
Volker says the ombudsman statistics show that in many cases the banks do repay the money but in most cases it is only when the customer knows to question the transaction. — Maya Fisher-French, Mail & Guardian