Credit Card Encryption

DEFINITION of 'Credit Card Encryption'

Credit card encryption is a security measure used to reduce the likelihood of a credit or debit card information being stolen. Credit card encryption involves both the security of the card, the security of the terminal where a card is scanned, and the security of the transmission of the card’s information between the terminal and a back-end computer system.

BREAKING DOWN 'Credit Card Encryption'

Credit cards are an integral part of the payment process. Consumers expect that most businesses will accept cards as a method of payment, rather than relying on cash to conduct transactions. Businesses provide electronic terminals that a consumer can scan his or her credit card through, with the terminals sending the card’s identifying information to computer servers in order to verify that the consumer has sufficient funds.

How Credit Card Encryption Works

When a credit account holder makes a purchase with their card, the information such as the account number are scrambled by an algorithm. The intent is to make it impossible to access that information without the corresponding encryption key that lets the merchant and financial institution conduct their transactions. Until the information is decrypted by the key, the information is not usable, making it safe so long as it remains unlocked.

Because credit cards require the use of an electronic transfer of information, they can be exposed to third parties who can steal the card’s information. Types of fraud include skimming, carding, and RAM scraping.

Card issuers use a variety of methods to encrypt credit cards. The magnetic strip on the back of a card is typically encrypted, and can only be read by a card scanner. Relying solely on the magnetic strip is a less secure method than requiring the use of a PIN-and-chip, because a PIN makes it more difficult for stolen credit cards to be authorized and used. A smart card with an electronic chip adds can be harder for thieves and hackers to steal information from compared with other forms of encryption and security put in place to protect cred account information.

For transactions that do not require a card to be scanned, such as an online transaction, websites require both the credit card number on the front of the card and a CVV number located on the back of the card to be used. Using a CVV prevents an individual from being able to use only a stolen credit card number to conduct a transaction.