Visa today announced it would mandate a move to chip and PIN technology for all Australian Visa cardholders over the next four years, with signatures no longer accepted at the check-out by 2013.
The overhaul would see more than 14 million Visa cards upgraded by April 1, 2013.
According to Visa about five million (37 percent) of Australian-issued cards are already embedded with the chips.
Visa will also require issuers (i.e. banks) to ensure cardholders are enrolled to have a Verified by Visa password for doing online banking transactions by April 1, 2012.
Chris Clark, general manager for Visa Australia and New Zealand said Visa would ensure all cardholders have a Verified by Visa password.
"We're saying all cardholders have to have a password," Clark said. "They must be enrolled.
"If they don't get enrolled, the liability for a fraudulent transaction falls onto them," Clark said.
But the Verified by Visa password would not be mandatory for online merchants, such as eBay, to implement. Visa's policy would still allow for the three digit CVV2 "security code" to stay in place.
Current technology "easy" to skim
Clark said that current magnetic cards were "easy" to skim and that chip technology would prevent skimmers from duplicating cards.
He said credit card data has usually been contained on the magnetic strip of the card. "And it's that stripe which is really, really easy - well... not easy - but that stripe can be compromised by card skimming".
Clark said chip technology would not be as easy to duplicate.
"To date, after I think over 20 years, the chips have not been able to be corrupted because they store what's called dynamic data," Clark said. "So every time you do a transaction, that chip interacts with a special terminal and it creates a dynamic authentication code whereas with a traditional or magnetic stripe transaction, where it's swiped, it's just the same old static authentication".
Clark also said Visa was looking at more ways to secure credit cards.
He said this included making dynamic online passwords, having an SMS every time you wanted to do an online transaction and having a type of token authentication or a card that plugged into your PC.