U.S. Payments Industry Can Layer EMV Chip, Encryption and Tokenization Security Technologies to Help Protect Against Card Fraud

Businesses processing credit and debit payments can help protect themselves against new and evolving fraud threats by implementing EMV chip technology, tokenization and encryption security technologies in conjunction, the Smart Card Alliance Payments Council states in a white paper.

Today, payments industry stakeholders are looking at many security technologies to protect their businesses and customers. This white paper explains how layering three of these technologies – chip, tokenization and encryption – in conjunction can help to secure the payments infrastructure and prevent card fraud," said Randy Vanderhoof, executive director of the Smart Card Alliance.

"The degree of layering will differ among payments stakeholders depending on their requirements, environment and budget. Reading this white paper is a good start for any stakeholder starting to consider their best approach for implementing the three technologies."

The three technologies recommended in the white paper to be used in conjunction are: Chip technology, which improves the security of a payment transaction by providing cryptographic card authentication that helps protect against the acceptance of counterfeit cards.

The EMV specification also offers cardholder verification and several means of transaction authentication that help safely authorize transactions Encryption, including end-to-end encryption (E2EE) or point-to-point encryption (P2PE), which can immediately encrypt card data at time of entry—at card swipe, key entry, tap or insertion—so that no one else can read it and use the card data for unauthorized transactions.

Tokenization, which replaces card data with surrogate values (i.e. "tokens") that are unusable by outsiders and have no value outside of a specific merchant or acceptance channel.