Interesting. I use my chip cards all over the southeast US and I don’t think I even have a PIN for those cards. I know that I don’t know what the PIN is. I have never entered a PIN for a credit card in the US. I have also never had a problem using a credit card.
I do have a PIN for my debit card. That is one reason I rarely use it.
PINs are not universally used in the US.
Some banks are requiring you to use a PIN, but I’d say at this time probably less than 25% do.
Chip-enabled POS terminals won’t accept a swipe from a chipped card. The terminal will instruct the customer to insert the card into the chip slot instead.
There is apparently some fallback mode for swiping a card in which the chip has failed. I’m not sure how this meshes with my first statement.
I understand that some European issuers have moved to cards that lack a mag stripe altogether.
Moving to chip, no signature. All the major card brands are discontinuing requiring signature for (most?) chip transactions.
Europe introduced chips due to high fraud rates.
The US has had low fraud rates compared to other countries, especially those in Europe.
It took years after introducing chips for Europe’s fraud rate to drop down to the same level as the US without chips.
Yes, swipe was the default if the chip did not work. The new policy is that if there is a chip on the card, the merchant (not the equipment) will no longer accept a swipe, even if the chip fails.
Usually wiping the chip and/or bending down the end of the card a bit to push the chip against the contacts inside corrects these problems. If not, well, sucks to be you with the malfunctioning chip.
I see in the USA some merchants require a PIN, some a signature, some both. All the chip does without a PIN is validate the card is real; does nothing to guard against stolen cards, until they are reported and flagged. In Canada, everything is PIN only. A few weeks ago I ran across a situation where the network was down and the merchant actually dragged out the old carbon gizmo from 20 years ago…
The big problem is, as I understand, that a lot of ATMs haven’t been updated and still use the stripe. The stripe is the most vulnerable feature, basically capture that information and the PIN and you can anonymously and unsupervised drain cash from a bank account. About 5 years ago when I was in the Middle East, most ATMs would not process foreign debit cards - except I found a machine near Petra that used chip instead and happily dispensed cash - once it was re-filled.
As for tap and go - basically defeats the purpose of the PIN. The merchant won’t be on the hook, and the card is typically limited to $100 per day - but I’m not sure whether the card or bank covers your losses until you report it. What I’ve done is find where the tap antenna goes and cut it, disabling tap. You hold a strong LED flashlight against the card in a dark room and you can see the loop - then cut the card deeply with an X-Acto knife to break the circuit. Canadian banks will not issue cards with no tap feature and declined to set the tap limit to $0 so it was up to me.
My experience has been that the equipment doesn’t accept a swipe from a chip card, at least not initially. If a customer swipes he sees a message on the screen instructing him to insert the chip. I don’t know how it’s overridden in the event of a chip failure (where the merchant doesn’t have a prohibition on a swipe) and would be curious to learn.
As a side note, a quick plug for Android Pay (or presumably Apple Pay). Much faster than either a swipe or especially a chip transaction. Just tap it and go, approved in 2-3 seconds typically. Sometimes you have to sign, sometimes not, but it’s still a lot nicer than having to leave the stupid card in the machine for a good 20 seconds.
I don’t feel like they are a great improvement in security - at least not in every way. Sure, if I lose my card, nobody can just casually use it for an in-person transaction - they would need to know my PIN (whereas before, they would just require the minimal skill to produce a passably similar signature)…
However…
There’s only one PIN for all functions of the card, and now I am entering it in a lot of different places (before, it was only at ATMs) - that’s greater opportunity for it to become known by someone else.
The PIN is used at ATMs and for authentication purposes at the counter of my bank - if someone got my card and PIN, they have the potential capacity to empty my account. It seems like a fairly low bar.
Furthermore, the implementation of the PIN (in the UK) is insecure - it’s stored directly on the card without any kind of encryption (this is considered necessary so that chip and PIN terminals can perform ‘offline’ transactions) - so someone with the right equipment, and my card, can find out my PIN.
According to VISA Canada the liability limit is $0 as long as you promptly notify your bank.
So basically unless you notice and notify the bank before the crook tries to run up a $100 tab at the liquor store, you’re on the hook.
As for PINs, there was a case in the news where someone was pickpocketed in Mexico and then a large withdrawal was made with their PIN. Speculation is that the crooks watched them buy something at a store just before that to get their PIN. (The bank was refusing to reimburse them because the PIN was used) But then, there were 14 murders in 36 hours in Cancun the other day… Credit card fraud is one of the less risky results of visiting Mexico.
AFAIK after a chip failure the swipe works. (“Chip failure, please swipe”). The merchant’s new policy since they have high-end desirable merchandise is “no swipe” - except for American Express, which is so far behind the times that on much of Canadian equipment their chip does not work. Must be because of the “American” in the name.
I find it hard to believe the PIN is stored unencrypted, but - when it comes to big banks, nothing is too stupid for them to do it. As I understood it, never looked into it deeply, the chip does challenge-response encrypted; so presumably an offline terminal could be used to do all 10,000 tries. Not sure if the chip is smart enough to realize this. (There’s also the IR camera trick - some simple IR cameras can detect body heat from when you pressed the keypad. So if the crook is next in line he can take a photo and see which keys were pressed 20 seconds ago.)
But for all the flaws, chip and PIN basically stops most casual credit card fraud.
Eventually. Hey, my credit union switched to non-embossed numbers on the card only about a year ago. It was a big advantage because they could whip up a replacement card in the local branch in a couple minutes. When was the last time you had a card actually run through a knuckle-buster? Yet most banks still emboss the numbers.
I have a “know your customer” policy on such matters. In my industry, I do get to know them relatively well, I know who they are, where they live, their phone number, and I generally know their dog better than they do.
Retailers and food services where you have a more transient customer base should require a bit more security.
Sometimes it is the readers that are having the problem.
Whether a card uses PIN or not is not up to the merchant, that is up to the card issuer.
Most people with tap cards don’t even realize that they have one. My reader will pick up the attempt at NFC when they put their card into the reader to use the chip, and get all angry about it.
It seems to me that that is a much higher vulnerability than the chip or even the mag swipe. Doesn’t that mean that your data can be read without having to take your card out of your wallet? Wouldn’t that make it much easier to steal CC info?
On my machine, if the chip fails once, it pops up a screen that says “Chip Failure / Swipe Okay”. One of the few options I have over the machine is to tell the merchant services provider to change that to either require more tries, or not allow swipes at all. As I know my customers fairly well, I am happy to accept a swipe rather than deal with a hassle at time of payment.
At the moment, I have 4 different contactless cards in my tri-fold wallet. I have my business card at one end, a personal card at the other, and my debit card and a second personal card in the middle.
I can unfold my wallet and tap either end without taking the card out. If I want to use the cards in the middle, it would create a clash and one card may win over the other so I would need to take the desired card out first.
With regards to security, the contactless doesn’t send out the same ID every time. Each tap gives a unique ID that can’t be reused and can’t be saved for later use.
Here in the US with the cards I have with chips, there is no PIN required. When I went to London, there was a lot of surprise that it wasn’t prompting for a PIN.
My experience has been different with PINs. At least on the healthcare side. The users I support can’t seem to remember them with the badge-in computer systems on the floor… though with the number of different systems I manage and use, along with a few chip-enabled cards, I could see these PINs as hard to remember which goes with which. Synchronizing them (or changing them at all) seems to be a hard thing to do with the banks/companies I’ve dealt with on the card side.
Since the chip is an active, powered device, and so is the tap feature - it’s a bit more complex than “here’s the card number”. As I understand it, there’s a challenge-response sequence between the reader and the chip involving public key encryption technology which pretty much makes it impossible to copy or impersonate the chip… so far. Ditto for Apple Pay.
I can change my PIN at any ATM from my bank in Canada, takes all of 90 seconds.
This is exactly the case in the UK. Chip & PIN is pretty much universal over here.
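
Several posts above describe each tap or chip transaction producing a value that cannot be saved and reused. As an added illustration (not written by any poster, and not the real EMV algorithm), this simplified Python model has a hypothetical card compute a MAC over a reader challenge, a transaction counter and the amount, and shows the issuer declining captured data that is presented again. HMAC-SHA256 with a shared key stands in for the card's actual cryptography, and all names and sample values are assumptions.

```python
import hashlib
import hmac

def _mac(key, atc, challenge, amount_cents):
    # HMAC-SHA256 stand-in for the card's cryptogram (assumption, not EMV).
    msg = atc.to_bytes(2, "big") + challenge + amount_cents.to_bytes(6, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

class Card:
    """Hypothetical chip: secret key plus a counter that only goes up."""
    def __init__(self, key):
        self._key, self.atc = key, 0

    def respond(self, challenge, amount_cents):
        self.atc += 1  # every tap consumes a new counter value
        return self.atc, _mac(self._key, self.atc, challenge, amount_cents)

class Issuer:
    """Hypothetical issuer: shares the card key, remembers the last counter."""
    def __init__(self, key):
        self._key, self.last_atc = key, 0

    def authorize(self, atc, challenge, amount_cents, tag):
        expected = _mac(self._key, atc, challenge, amount_cents)
        if not hmac.compare_digest(expected, tag):
            return "declined: bad cryptogram"
        if atc <= self.last_atc:
            return "declined: counter already used"
        self.last_atc = atc
        return "approved"

def run_demo():
    key = bytes(range(16))  # constructed sample key
    card, issuer = Card(key), Issuer(key)
    # Constructed reader challenges; a real reader would draw these at random.
    c1, c2 = b"\x01\x02\x03\x04", b"\xaa\xbb\xcc\xdd"
    atc1, tag1 = card.respond(c1, 1250)
    atc2, tag2 = card.respond(c2, 300)
    return [
        issuer.authorize(atc1, c1, 1250, tag1),  # genuine tap
        issuer.authorize(atc1, c1, 1250, tag1),  # same captured data again
        issuer.authorize(atc1, c2, 1250, tag1),  # old response, new challenge
        issuer.authorize(atc1, c1, 9999, tag1),  # amount altered
        issuer.authorize(atc2, c2, 300, tag2),   # next genuine tap
    ]

if __name__ == "__main__":
    print(run_demo())
```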