MADISON, Wis. (11/24/14)--A new white paper from the CUNA Technology Council provides guidance on how credit unions can manage the implementation of EMV chip cards.
As the U.S. payments industry moves through the EMV implementation phase, some say this stage could be its most vulnerable. "Some types of fraud will increase before they subside," said Jim Stickley, CEO of Stickley on Security.
"Criminals will increase phishing types of attacks using the EMV rollout as an excuse to contact members," he said. "They'll make claims regarding the need for activation or security updates, and require people to click links or open attachments sent via email in order to 'activate' their cards."
In this environment, communication with members is essential, according to Stickley. "Credit unions need to be very proactive in telling their members what they will and won't be doing," he said. "Make it clear to members that they should be suspicious regarding emails that contain attachments or links, and when in doubt to contact the credit union."
Many credit unions have begun the transition, and report that vigilance is a key necessity during implementation. "We didn't see increased fraud during the transition, except for a slight uptick in card-not-present fraud," said Bill Arnold, chief information officer of $2.4 billion-asset Service CU, Portsmouth, N.H.
"We have a robust EMV card portfolio overseas, where that's the default card we instantly issue in our branches, but we're still mostly mag-stripe cards here in the states," Arnold added. Service CU is rolling out smart cards to the broader membership in 2015.
Arnold and others stress that catching discrepancies and warning signs early can make a big difference.