New Zealand upgrades payment cards to 'dip-the-chip' technology

Visa is the first card issuer in New Zealand to confirm its plans, although it has eschewed the 'chip and PIN' moniker seen in other countries, and calls it 'dip-the-chip.'

All New Zealand Visa cards issued from April 1 onwards will be PIN/smart card enabled and will require the use of a PIN at all retailers, says Visa Asia, adding that around 4% of the the country's 2.4 million cardholders are already retailer PIN-ready.

Visa's New Zealand manager, Sean Preston, told the New Zealand Stuff newswire that the company was making the changes after detecting a rise in card fraud.

"These initiatives are part of a comprehensive security upgrade aimed at providing cardholders with a higher level of confidence and significantly reducing all types of card fraud including counterfeit, skimming and online fraud", he said.

"While card fraud in New Zealand remains low by world standards, overseas criminals are becoming increasingly active in seeking out new arenas", he added.

"The time is right to take advantage of the new technologies available to work across the industry, with banks and merchants, to strengthen security across the board."

The gameplan is to make dip-the-chip mandatory in New Zealand from April 1, 2014.

Despite the fact that smart card/PIN payment authentication is slowly but surely sweeping the globe, the technology has not achieved complete approval from IT security professionals.

Last month saw a Cambridge University research team – led by card security specialist Ross Anderson – prove that the chip and PIN system was fatally flawed.

Stephen Howes, CEO of pictorial PIN developer Gridsure, meanwhile, said that latest fraud figures from the UK Cards Association show the chip and PIN system is not as secure as is claimed.

"Although this month's fraud figures (from the UK Cards Association) show signs of improvement in certain areas, the level of online banking fraud across the UK is still shockingly high", he said.

"Measures such as 'Mastercard Secure Code' and 'Verified by Visa' are going some way to protect customers but are all still based on the user having a fixed code, so if the customer falls victim to a phishing attack they are left completely exposed", he added.

What’s Hot on Infosecurity Magazine?