It is generally recognized that the fraud rate on signature debit historically has been higher than the fraud rate on PIN debit. Getting the exact numbers of fraud rates is a bit elusive, but the numbers reported here seem to comport with the general understanding.
In part, the higher fraud rate on signature debit reflects the fact that–in the United States at least–signature debit tends to be used much more frequently than PIN for transactions that have inherently higher rates of fraud, especially “card not present” transactions, such as Internet shopping. Consumers justifiably are not comfortable providing their PIN number in this context. Signature debit may also be less secure because of a practice that we have in the United States in places such as restaurants where we actually physically give our card to the waiter or waitress and so it disappears from our sight. Other places where signature is used is probably a historical artifact that will change. So, for example, hotels seem to generally use signature rather than PIN debit, which as far as I can tell really is just because aesthetically they don’t like having PIN pads on the check-in counter. Eventually that might disappear, but it does provide some explanation (albeit unusual) for why signature is used there. My understanding is that in Europe, for example, many restaurants are equipped with wireless card processors where the consumer swipes his own card. Again, consumers are reluctant to give their PIN number to a waiter in the US. So what this means is that, contrary to what some overheated critics have argued, there are perfectly logical reasons why signature debit exists in the United States at least in some of the market categories in which it is widely used. And for other transactions it appears that PIN debit volume has generally overtaken signature debit (such as in grocery stores).
But the problem with PIN debit, as the recent security breach at Michael’s indicates, is that even if the fraud rate is lower, the loss from a fraud incident may be substantially higher. This is because, unlike signature debit, if a thief steals your PIN debit magnetic stripe he can also get your PIN number. Which enables fraud not just for purchases but also to tap into your ATM machine and make cash withdrawals, which substantially increases the ability for large losses. I suspect that ATM withdrawals may also be less likely to trigger fraud alerts than unusual purchases.
Moreover, as consumers increase their use of PIN, of course, thieves are going to increase their efforts to breach PIN security because it will become more worthwhile for them to do so.
This is not to imply in any way that we have an optimal market allocation between PIN and signature debit or that the relative interchange fees are optimal between the two Nor is it to imply that I know for certain that we do not have an optimal allocation. So please don’t interpret me as saying that.
Eventually one expects that the United States will adopt some technology similar to the more secure chip-based systems that prevail in Europe. But those systems are very expensive to start up because they will require entirely new technology installations at retailers and the like. Consider the cost of outfitting every sit down restaurant with a handheld swipe machine and the technology to go with it. And the cards themselves are more expensive to produce. My understanding is that to date there has been little interest in the United States to gravitate to this technology because the fraud rate in the US traditionally has been pretty low and so the costs have not been justified in light of the benefits. But there may come a day where that is no longer true.
Of course the big, bit question here is how the Durbin Amendment will impact this. If issuers and merchants gravitate to a more secure debit card system, such as a chip-based system, will issuers be able to recover these costs from interchange fees? Or will they have to get bank consumers to cover these costs? If the latter, then it seems foreseeable that introduction of more secure chip-based systems could be delayed by the Durbin Amendment. My reading, together with the proposed Fed Reg, is that the development of a more secure payment card system would not be a reimbursable cost under the Durbin amendment. And merchants have no reason to be concerned about fraud loss that is borne by banks and their customers. Similarly, if we are to move to a general replacement of
In the short term, the bottom line is to keep in mind that although PIN debit still seems to be substantially more secure than signature, it is not a panacea. And keep in mind that PIN debit fraud does expose you to ATM theft as well so the loss from PIN fraud may be much higher than for signature.