Eli5: How does the chip in credit/debit cards provide an extra layer of security?


More and more card readers at POS terminals now support tap to pay means of making a payment. If we are not inserting the chip end of the card, how is it providing additional security?

Edit: wow, lots of great information, thank you folks for taking the time and explaining it like I’m 5.


The extra layer of security of chip-and-PIN is that the chip is a tiny computer able to do operations using a secret number stored inside it. This way the point of sale terminal can offer it a transaction and the chip can sign it without the point of sale terminal getting to know how to do the signature itself.
This is not possible with a magnetic strip since it can’t have information that’s concealed from the point-of-sale terminal.

Tap-to-pay is still using the chip to sign the transaction, just communicating with it using NFC rather than electrical pins in contact. It’s up to your card issuer (and typically your account settings) how large a transaction is accepted when it’s signed without a PIN.

Tap to pay is a wireless way for the reader to connect to the chip in your card. The chip is a security measure because your bank's servers have a little encrypted communication with the chip to verify that your card is real before completing the transaction. It is hypothetically possible for a thief to connect to your card wirelessly but the range is short and RFID-blocking wallets are common.

A magnetic strip on a card encodes the same information that is printed on the card itself (the issuing bank, the card number, expiration date). When it’s swiped and the information is read it’s effectively like they just took a photocopy of your card. Just in a way that is more convenient for computers to read.

The chip on a card is a small computer that can digitally sign things using a secret cryptographic key. The key is stored in the chip in a way that card readers can’t read the key directly, they can only ask the chip to sign things.

So when you use a magnetic strip to pay, the card reader essentially ends up with a copy of your card and you just have to hope that they’re not going to do anything sketchy with it. With a chip they only end up with a digital signature that authorizes a specific transaction, so there is nothing there for them to steal (it’s even done in a way that you can’t reuse the signature to authorize another identical transaction).
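The point made in the answer above (the reader receives a signature for one specific transaction, never the key, and cannot reuse it), as an added Python example that is not part of the original thread. HMAC-SHA256 and the names `Card`, `Issuer`, `encode` and `demo` are assumptions chosen for illustration; this does not reproduce the algorithm real cards use.

```python
import hashlib
import hmac
import secrets

def encode(amount_cents, merchant, nonce, counter):
    # Length-prefixed fields so two different transactions never encode alike.
    m = merchant.encode()
    return (amount_cents.to_bytes(8, "big") + len(m).to_bytes(2, "big") + m
            + len(nonce).to_bytes(1, "big") + nonce + counter.to_bytes(4, "big"))

class Card:
    """Stand-in for the chip: the terminal can call sign() but never sees the key."""
    def __init__(self, key):
        self.__key = key
        self.counter = 0

    def sign(self, amount_cents, merchant, terminal_nonce):
        self.counter += 1  # every transaction gets a fresh counter value
        msg = encode(amount_cents, merchant, terminal_nonce, self.counter)
        return self.counter, hmac.new(self.__key, msg, hashlib.sha256).digest()

class Issuer:
    """Stand-in for the bank: knows each card's key and the last counter accepted."""
    def __init__(self):
        self.keys, self.last_counter = {}, {}

    def issue(self, card_id):
        self.keys[card_id] = secrets.token_bytes(32)
        self.last_counter[card_id] = 0
        return Card(self.keys[card_id])

    def authorize(self, card_id, amount_cents, merchant, nonce, counter, tag):
        msg = encode(amount_cents, merchant, nonce, counter)
        expected = hmac.new(self.keys[card_id], msg, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return "declined: bad signature"
        if counter <= self.last_counter[card_id]:
            return "declined: counter already used"
        self.last_counter[card_id] = counter
        return "approved"

def demo():
    issuer = Issuer()
    card = issuer.issue("card-1")            # constructed sample card
    nonce = secrets.token_bytes(4)           # terminal's per-transaction random value
    ctr, tag = card.sign(1250, "COFFEE SHOP", nonce)
    args = ("card-1", 1250, "COFFEE SHOP", nonce, ctr, tag)
    first = issuer.authorize(*args)          # genuine transaction
    replay = issuer.authorize(*args)         # same message captured and sent again
    altered = issuer.authorize("card-1", 99900, "COFFEE SHOP", nonce, ctr, tag)
    return first, replay, altered
```

`demo()` returns the issuer's decision for the genuine transaction, for an exact replay of it, and for the same signature attached to a different amount.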

The chip is a teeny tiny computer that generates a one-time code every time it’s used.

Random on computers is a very, very difficult problem to solve and programmers usually cheat by using local data to “seed” a complex formula which generates pseudorandom numbers – for example, the current time is a frequent seed if you’re doing it just to get randomness and not for security. If you’ve ever played a game with a procedurally generated world like Minecraft then you’ve probably seen the “seed” which you can use to generate that exact same world again. Stardew Valley uses the number of steps you have taken as a seed for certain random events, like the weather (this is how speedrunners get it to rain every day so they don’t have to water their plants).

Your chip has a unique “seed” and a random number generator built in. Because the bank knows what seed your card has and more or less how many numbers it has generated, it can validate that the random number that it just received from your card was actually generated by your card.

So it provides additional security whether you insert or tap because either way it’s spitting out what is essentially a one-time code. Even if a bad actor intercepts and recreates the signal your bank would reject the transaction because that code has already been used.

The chip is not just a storage device like a magnetic stripe. It’s kind of a mini-computer with internal RAM (random access memory for its software algorithms) and ROM (read-only memory, a permanent storage). The security it provides is similar to the https protocol used to protect you when visiting web sites. In addition, it’s very hard to access its RAM and ROM to clone it. Even if a waiter takes your card to a back room it is unlikely they have equipment to copy it.

The chip checks if it is communicating with a genuine POS terminal and the original bank who issued the card using public/private key cryptography the same way your browser checks if it is communicating with the true reddit.com using the https protocol. The terminal and the bank check in reverse order if they are communicating with a genuine chip. Once they have checked each other they encrypt all exchanged data. The encryption protects your banking data the same way the https protocol protects the data you submit to websites from eavesdropping while the data goes through 3rd party networks.

That’s a high level overview. Feel free to ask how public/private key cryptography works in general.