What is EMV Chip?

What Is an EMV Chip?

An EMV chip is a small microprocessor embedded in a payment card that generates a unique code for every transaction. EMV stands for Europay, Mastercard, and Visa -- the three companies that originally developed the standard. Today, the EMV specification is managed by EMVCo and is used by all major card networks worldwide.

Unlike the older magnetic stripe technology, which stores static data that can be copied and reused, the EMV chip creates dynamic, one-time-use transaction data. This makes it extremely difficult for criminals to clone a chip card and use it for fraudulent purchases.

How EMV Chip Technology Works

When a customer inserts their chip card into a payment terminal (or taps it for contactless), the chip communicates directly with the terminal through a series of encrypted exchanges. Here is what happens:

• Card authentication -- The terminal reads the chip and verifies it is a genuine, unaltered card using cryptographic keys stored on the chip.
• Cardholder verification -- The system confirms the person using the card is authorised to do so. This might involve entering a PIN, providing a signature, or simply tapping (for low-value contactless transactions).
• Transaction authorisation -- The chip generates a unique cryptogram -- a one-time code specific to this transaction. This code is sent to the issuing bank along with the transaction details. Because the cryptogram is unique, it cannot be reused even if intercepted.

This three-step process is what makes EMV significantly more secure than magnetic stripe technology. Each transaction produces a unique data set that is worthless to anyone who captures it after the fact.

EMV vs Magnetic Stripe

Magnetic stripes store the same data every time the card is swiped. If a criminal copies that data -- using a skimming device at an ATM, for example -- they can create a counterfeit card that works exactly like the original. This type of fraud was rampant before EMV adoption.

EMV chips eliminated this vulnerability by making the data dynamic. Even if someone captures the chip transaction data, they cannot use it to make another purchase because the cryptogram has already been used and will be rejected if presented again.

The shift from magnetic stripe to EMV has been one of the most significant reductions in card-present fraud in the history of payment cards. Countries that adopted EMV early -- such as the UK and much of Europe -- saw counterfeit card fraud drop dramatically.

The Liability Shift

To drive adoption, the card networks introduced a liability shift. Before EMV, if a counterfeit card was used in a fraudulent transaction, the issuing bank typically absorbed the loss. After the liability shift date, if a merchant does not have an EMV-capable terminal and a counterfeit chip card is used, the liability falls on the merchant instead.

This gave merchants a strong financial incentive to upgrade their terminals. In the UK and Europe, the liability shift happened in the mid-2000s. In the US, it took effect in October 2015. The result has been near-universal adoption of EMV terminals at physical point-of-sale locations.

EMV and Card-Not-Present Transactions

EMV technology is designed for card-present scenarios -- where the physical card is inserted into or tapped against a terminal. It does not directly protect card-not-present (CNP) transactions, which include online payments, mail orders, and telephone payments.

This is an important distinction. As EMV has made card-present fraud much harder, criminals have shifted their attention to CNP channels. Telephone payments, in particular, are a target because the physical card is not involved and EMV protections do not apply. This is why additional security measures -- such as DTMF masking, tokenisation, and 3D Secure -- are essential for protecting CNP transactions.

Contactless and EMV

Contactless payments use the same underlying EMV chip technology but communicate via near-field communication (NFC) rather than physical contact with the terminal. The chip still generates a unique cryptogram for each transaction, maintaining the same level of security as a chip-and-PIN transaction.

Contactless transaction limits vary by country and card network. In the UK, the limit is currently GBP 100 per transaction. Transactions above this amount require chip-and-PIN verification.

Global Adoption

EMV is now the dominant payment card technology worldwide. According to EMVCo, over 90% of card-present transactions globally use EMV chip technology. The UK and Europe led adoption in the early 2000s, with Asia-Pacific, Latin America, and eventually North America following.

The magnetic stripe has not disappeared entirely -- many cards still carry one for backward compatibility -- but it is being phased out. Several card networks have announced plans to stop requiring magnetic stripes on new cards, with Mastercard targeting 2029 for full phase-out.

EMV Chip Variants and Specifications

Not all EMV chips are identical. The EMV specification supports multiple chip technologies and communication methods:

• Contact chips -- The gold-coloured pad visible on the front of most cards. The card must be physically inserted into the terminal, making contact with metal connectors that read the chip.
• Dual-interface chips -- Most modern cards include both a contact chip and an NFC antenna, supporting both insertion and contactless tap payments. The same chip handles both methods.
• Chip-and-PIN -- The standard in the UK and Europe, where the cardholder enters a four-digit PIN to verify their identity during a chip transaction.
• Chip-and-signature -- Used in some markets (notably the early US rollout), where the cardholder signs a receipt instead of entering a PIN. This offers less security than chip-and-PIN.

The EMV specification is maintained by EMVCo, a consortium jointly owned by the six major card networks: Visa, Mastercard, American Express, Discover, JCB, and UnionPay. Regular updates to the specification address new security threats and support new payment technologies.