FBI backpedals on EMV security warning

On Friday, Oct. 9, the Federal Bureau of Investigation (FBI) released a security warning about new EMV cards, which was quickly withdrawn from the FBI's website. When the post re-emerged less than a week later, it was suspiciously missing a key piece of information.

According to Computer World, the FBI's initial post warned consumers and retailers about, among other things, the importance of using a PIN with new EMV cards, rather than just a signature. The revised post, still oddly dated Oct. 9, removed that warning.

"[The warning] has been watered down to the point of not being particularly helpful so that it's … not much of a public service," Mallory Duncan, general counsel for the National Retail Federation, told Computer World.

In other parts of the world, EMV, or embedded chip, cards are often referred to as "chip and PIN" cards, based on how they are used. When customers insert the card into the reader, they enter their PIN, much like a debit card, in order to authorize the transaction. While the chip already has security measures that far outweigh traditional magnetic strip cards, the PIN adds another layer of protection for consumers. In the U.S., however, the only a signature is required.

The FBI isn't the only entity to recommend using PINs, but it was certainly one of the highest profile ones. It's strange, then, that this warning was removed from the post. In an email from the FBI's national press office to Computer World, the organization claims that the revised warning "was issued to clarify the security safeguards associated with the [chip card] technology and to highlight some of the potential vulnerabilities fraudsters and cyber criminals may try to exploit."

If your company is in need of new credit card processing software, be sure to contact 911 Software today.

Scroll to Top