Time and Security at the Checkout Line

For retail payments there are six protocols in common use – cash, check, credit card swipe and sign, debit card swipe and pin entry, EMV chip and sometimes sign, and mobile payments (using near field communications) with a second form of authentication.

Cash and check are less commonly used.  Cash payments challenge some of the cashiers whose cash register doesn’t tell them what the right change is.  If you offer a $50 or $100 note, the cashiers will try to validate the note is not a forgery, adding to the checkout delay.  Payment by check is the worst for everyone else in the checkout line.  The back and forth with personal identification documents is reminiscent of arranging for a residential mortgage and only somewhat less time consuming.

A credit card swipe and signature payment is very common and faster than a check.  The swipe sends the card number, expiry, purchase amount and merchant information to the card issuer.  Your name on the card and the “signature” are supposed to guard against fraudulent use of the card number.  Most card reader devices offer a signature box for your signature.  You can use your finger or the inkless “pen” to form any scribble to satisfy its request for your signature.  That leaves only the name on the card and a conscientious effort by the cashier to validate your name from other documents as the last ditch effort at defeating fraud.  Of course, cashiers seldom ask card holders for a second form of personal identification.

A debit card swipe and pin entry is a common form of payment.  If the pin entry is correct and fast, the transaction takes the same time as a credit card swipe and signature.  The pin entry is a second form of authentication and makes the transaction more resistant to fraud than credit card swipe and signature. The usual cautions apply to your selection of a pin and safeguards to prevent its dissemination.

An EMV (Europay, Mastercard, Visa) chip card includes a new unique number with the transaction details and sends it to the card issuer each time the card is used.  The unique number cannot be replicated.  For a semblance of added security, the EMV card transaction can request a signature, but again any scribble you offer seems to satisfy the system, so the increase in security is nil.  The disadvantage of an EMV card is that it takes about twice as long to deal with the card issuer as does a credit or debit card.  American adopters of EMV missed the chance to require a meaningful second authentication such as a pin, as is required in EMV cards for Europe.

Apple, Samsung, and Android “pay” cards detect your account, transaction, and second form of authentication information, which are then sent as encrypted information to the card issuer. The second form of authentication is usually from a finger print reader. This combination makes for a transaction that precludes tampering by hackers and thieves. It is also as fast as the quickest debit and credit card protocols and it is likely to be the successor to EMV cards.