Gartner Blog Network

Chip and PIN is alive and well in Europe

by Avivah Litan  |  January 30, 2014  |  3 Comments

I’m just finishing a trip overseas, now in Holland where I’ve been meeting with banks and other Gartner clients. The verdict is in – Chip cards are in fact working to substantially reduce losses from counterfeit cards. Some of the banks I met also instituted geo-blocking to stop the cards’ magnetic stripe from being accepted in certain countries. One major bank told me EMV chip combined with geo-blocking has brought their card present fraud down as low as possible.

I think most of us know this already but it’s always good to hear it again. Yes, the fraud shifts to ecommerce channels when chip cards are implemented, but thankfully there’s plenty of good technology out there to stop ecommerce fraud as well.

By the way, I understand that the financial institutions and the retailers in the U.S. are now debating whether the U.S. should implement Chip and Signature or Chip and PIN. Supposedly, the rates will be the same on each (I’m not sure but that’s what I hear), but I imagine it comes down to who eats the fraud if it occurs. With PIN, banks will likely eat the fraud – with Signature the retailers are more likely to because the issuer can always claim the retailer didn’t check the signature properly.

The rest of the world has implemented Chip and PIN. Handicapped people who can’t enter their PIN are accommodated with special cards that don’t require one.

Frankly, I prefer entering my PIN over signing my name. It’s much faster.


Avivah Litan
VP Distinguished Analyst
19 years at Gartner
34 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Ms. Litan's areas of expertise include endpoint security, security analytics for cybersecurity and fraud, user and entity behavioral analytics, and insider threat detection. Read Full Bio

Thoughts on Chip and PIN is alive and well in Europe

  1. Linda Echard says:

    Looks like this Gartner expert got it wrong. PCI standards work so long as the standards are followed. Clearly they weren’t in the Target situation. Chip and PIN won’t work either if companies like Target just hand over the “keys” to anybody. The solution is to make it illegal for any entity, including Target, to put consumer data at risk, period. Chip and PIN would not have kept the 70 million consumer records safe. That’s on Target.

  2. Hans Willems says:

    Wait a second. Sounds logical to me that copying a signature is much easier than copying a chip+pin. I am not surprised that it, combined with geo blocking, has brought a banks’ card present fraud down as low as possible. I don’t think Avivah, and the rest of the world who has implemented Chip and PIN, is wrong here.

    The fact that some banks don’t want to eat the fraud and companies don’t care about consumer data security looks like another discussion.

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.