To Encrypt or not to Encrypt?
- EMV does not need to encrypt cardnumbers because it’s authenticating their use
- Not all systems (ecommerce) support EMV, and the USA has many legacy systems that need cardnumbers
- PCI has already caused encryption of “data at rest”, and everyone has already done that or moved their data to a hosted solution
- EMV hardware is now starting to encrypt just to accommodate existing mixed-model rollouts in the USA.
- EMV is expensive to implement for a string infrastructure like USA.
Mobile – What’s up?
- EMV chips and SIM cards are the SAME TECHNOLOGY!
- EMV is supposed to make your phone a better wallet.
- What about mobile security
- New guidelines emerging that may be PCI-like all over again
- New programs are different between VISA, MC, etc
NFC – How does it fit?
- NFC is a communication protocol.
- Regular mag stripe cards can be NFC-enabled
- EMV will use NFC to have “contactless”
- NFC (or low emission Bluetooth?) will allow communication to the EMV chip to authenticate
Mobile, etc – What could go wrong?
- AT&T, etc own the SIM
- They want to charge the issuers $$ to send data to THEIR chip
- MasterCard has announced a “new idea” that does not need EMV
- Visa allows barcodes to appear on phones that don’t need EMV
- LoopPay device can broadcast your cardnumber to any reader without NFC, EMV or BlueTooth.
- The world changes fast in our competitive market, especially when a rollout like EMV is so expensive and difficult to implement.