Now that credit cards have been chipped, the banking industry has set its sights on modernizing another essential financial tool that’s stuck in the 1980s — ATMs.
You might have noticed that the fancy chip-enabled debit card you received does you no good at the ATM. That means counterfeit debit cards can still be used to steal cash. Chip-enabled point-of-sale card readers were expensive for merchants, but nothing like the expense of replacing cash machines. So old-fashioned card skimming – in which a criminal electronically copies debit card data and PIN codes entered by consumers, then copies the data on to a counterfeit card – is still possible, despite the transition to chip cards.
Banks looking to tackle this problem aren’t just adding chip readers to ATMs; they are rolling out a variety of new technologies to bring cash machines out of the 20th Century. The key will probably be in your pocket instead of your wallet. Your smartphones might soon be your cash card.
So-called contactless ATMs don’t need a debit card at all. Account holders pull out their phone and either use a radio chip inside it to tell the ATM to hand over some cash — sometimes called “tap and PIN” — or they receive a one-time code text from their bank that’s entered into the machine to unlock cash.
Phone-as-bank-card technology has been used in Europe for a few years, but it’s about to arrive for mainstream use in the U.S. this year. Chase announced a big rollout within a few months, promising smartphone-enabled cash upgrades at a majority of its 18,000 machines by the end of the year. Chase’s version will be the type-a-code-the-bank-has-texted version. Wells Fargo and Bank of America have made similar announcements. All promise to eventually support some version of tap and PIN.
Why would you bother using your smartphone instead of pulling out plastic? The new ATMs — called eATMs — have other convenience advantages, too. During an experiment in California, users seemed most interested in selecting the denominations they get during a withdrawal.
But smartphone ATMs are much more than a gimmick, says Avivah Litan, an analyst with consultancy Gartner. Phones can do a much better job of authenticating users, Litan said.
Your Phone vs. Your Debit Card
“Smartphones provide a much more secure form factor than chip cards do, as there are many sensors on smartphones to help with authentication and fraud detection,” Litan said. “Fingerprint readers, cameras, the phone chip itself, the phone’s movements, its location.”
Consumers who use two-factor authentication at their bank website already know that involving their phone in an authentication process generally makes it safer. One-time passcodes or virtual tokens create a “something you know and something you have” two-step process for logging in. Adding smartphones into the mix will do for ATMs what two-factor authentication did for websites.
Using phones also pushes some expense onto consumers — no need for banks to mail replacement chip debit cards. Not to mention that consumers might start using that digital “debit” card to make payments, netting the bank a new source of transaction fees.
Meanwhile, cellphone firms think the system will help with consumer loyalty.
“(There’s) more consumer stickiness,” Litan said. “It will be harder to switch manufacturers … (such as) from ioS to Android … if all your payment and banking information is in an IoS wallet.”
And consumers, in this case, really will benefit from stronger security and more convenience.
“It’s a ‘win win win’ proposition for both banks and consumers, and helps the smartphone manufacturers (too),” Litan said.
Don’t miss a post! My email list is free