As the United States works to ramp up its migration of payment cards from the legacy magnetic stripe to the EMV chip standard, the security of debit and credit transactions will dramatically improve, says Chet Wisniewski, a senior security adviser at security firm Sophos. But the advent of EMV will pose new challenges for banking institutions and merchants, he says.
In an interview with Information Security Media Group at the RSA Conference 2015 in San Francisco, Wisniewski discusses:
- Why contactless payments can be more secure than contact payments;
- Why chip and signature is far less secure than chip and PIN; and
- How new flaws linked to EMV chips are likely to soon be discovered.
Wisniewski has more than 15 years of experience in the security industry. At Sophos, he conducts research related to computer security and online privacy, with the goal of making security information more accessible to the public, the media and IT professionals. Wisniewski frequently writes articles for the award-winning Naked Security blog, produces the weekly podcast "Sophos Security Chet Chat," and is a frequent speaker at conferences and in the press.