As far as I remember, there have been ceaseless data leakage issues since 2010 but haven’t seen any appropriate countermeasures to be taken. The most recent and the biggest data leakage case, NH Nonghyup, KB Kookmin, and Lotte credit card data leak, ranked third in terms of its size and triggered national chaos. There was massive data breach in the US as well: Target and Neiman Marcus. Target and Neiman Marcus are the two high profile retailers whose networks were breached through POS (Point Of Sale) malware. The commonality between Korean and US data leak cases is the outdated technology. Using a decade old technology, US and Korea are becoming easy targets for hackers. Therefore, calling for Chip-and-PIN technology is growing louder as it is considered the most reliable and optimal ICT that could replace the current one.
Many of us haven’t heard of Chip-and-PIN technology, but it is already adopted and commonly used across Europe, Canada, Hong Kong and many other countries. The Chip and Pin technology, also known as EVM (named after three companies: Europay, MasterCard, and Visa who developed the standards), is a modern technology of which the data is encrypted in the micro-chip, making it harder to duplicate. It also requires PIN (Personal Identification Number) which provides an additional security.
The Chip-and-PIN credit and debit card does not look much different from current magnetic stripe cards. Think of your ordinary credit card without magnetic stripe: it’s the end of swipe and sign card. As the definition reveals, the Chip-and-PIN credit and debit cards have an embedded computer micro-chip so that you insert your card and enter the PIN. Obviously, Chip and Pin technology is way secure. With current insecure ICT, hackers can use information gained by internet hacking or skimming to clone victim’s cards and swipe them. After such massive data leak, no one’s data is ever safe in Korea, not even President’s.
Then why haven’t we adopted the Chip-and-PIN system earlier? It’s the cost issue. Tons of cards should be reissued and all the readers in stores be replaced. It also requires the support from merchants, acquirers and issuers at once. If I shifted to Chip-and-PIN credit card and got denied in a store which accepts swipe-and-sign card only, it causes a big problem. It’s the start of another chaos. Now that the benefit of shifting to new technology is proven to outweigh the cost, it’s time to move on to the technology of next generation.
After Target and Neiman Marcus massive data breach, the US is alarmed and responding quickly to making it not happen again. We, as consumers and cardholders, should also be cautious about keeping our data safe, but without sweeping revision in ICT, our data is never safe. Chip-and-PIN technology cannot be said perfect, but absolutely more secure and advanced one. We should move toward the technology of new generation so that we can keep our pride as being number one IT nation.
Yeajin Shim (firstname.lastname@example.org)