A personal identification number replaces the need for a signature, writes Laura Slattery.
A cashpoint surprise is lying in wait for members of the plastic-paying population, as retail assistants have stopped requesting their autograph and started asking them if they know their personal identification number (Pin) instead.
It's not a trick question. In a bid to curb card fraud, the 2.2 million credit cards and 1.1 million debit cards in circulation in the Republic are being reissued so that they carry new chip and Pin technology.
According to the Irish Payment Services Organisation (Ipso), more than one million chip-and-Pin-enabled credit cards are in circulation, and banks will start reissuing debit cards later this month.
More than 100,000 keypads into which consumers will enter their Pin are in place and ATMs have been updated so people can change or unlock their Pins.
The chip and Pin programme, to be completed in the Republic by the end of 2005, is supposed to eradicate much of Europe's €2 billion annual card fraud problem.
The chips are much more difficult to clone than magnetic stripes and should substantially reduce incidents of counterfeit fraud or "skimming". The Pins are designed to help cut incidents of fraudulent use of lost or stolen cards by eliminating the possibility of signature forgery.
That should prove soothing news to the 18 per cent of Irish consumers surveyed by credit card issuer Visa who claimed to have been the victim of credit or debit card fraud.
Card fraud was estimated to take place to a value of €10 million in the Republic last year.
But chip and Pin won't wipe out all types of fraud. As the technology is introduced, there could in fact be more opportunities for fraudsters to make unauthorised purchases and plunder accounts.
In the UK, there was a spike of 62 per cent in mail-not-received fraud last year, as criminal gangs managed to intercept many of the new generation of cards as they made their way through the postal service to consumers. The cost to the card industry was £73 million (€105 million).
"We haven't seen that here," says Barry O'Mahony, Ipso's chip and Pin programme manager. One reason is that the Republic just hasn't got the same scale of cards as the UK, where more than 140 million cards are being reissued.
Consumers should be cautious and avoid the temptation to treat letters from card providers as junk mail to be casually discarded. "There are real security issues at stake," says O'Mahony.
Most banks and credit card companies are distributing the chip-and-Pin-enabled cards on a blanket reissue basis, rather than waiting until a customer's next expiry date.
The card provider should write to the customer in advance, telling them that they will receive their card and then their Pin.
There could be a gap of up to two weeks between the posting of the card and the Pin, says O'Mahony. If customers are waiting any longer for the Pin, or if they don't receive either card or Pin, they should start to worry.
The UK industry figures show that fraudsters there managed to swindle £505 million in 2004, an increase of 20 per cent on the previous year. Some 48 per cent of all card fraud in the UK is either counterfeit fraud or fraud arising from lost or stolen cards.
However, the type of fraud that has topped the table for the second year running is "card-not-present" fraud - the very kind that chips and Pins can do nothing about.
The theft of card details, which are then used to buy goods over the phone, online or via mail order, accounted for £150 million worth of fraudulent transactions, a rise of 24 per cent on 2003.
The industry says "card-not-present" fraud grew in proportion to the number of businesses offering phone, online or fax transactions.
However, with chip and Pin deterring criminals from counterfeit and lost or stolen card fraud, it is likely that more sophisticated attempts at defrauding cardholders will move online. In some cases, fraudsters use computer viruses called Trojans to capture Pins through keystroke logging.
Another common scam is "phishing", where consumers are duped into revealing security details by fake e-mails claiming to be from their bank or card provider. Sometimes the e-mails even purport to be from the company's anti-fraud department.
Ipso's advice is simple: "Never, ever, key in your Pin online or disclose it to anyone."
With the advent of chip and Pin, consumers will also have to avoid "shoulder surfers" trying to glean their Pins at cashpoints as well as ATM queues before snatching the card.
"Our advice to people when they are putting their Pin into an ATM or a keypad is to cover their hand with their other hand," O'Mahony says. "The curly cord on the keypad means you should be able to pick it up and put it close to your chest while you key in your Pin."
Retailers have also been asked to respect their customers' privacy. "That includes the location of CCTV cameras. And Ipso would ask staff to use a bit of discretion - look away when customers are entering their Pin."
Vigilance among consumers is important because, although there has been no technical change in the liability rules for cardholders, they continue to have responsibility for the security of their cards. This now includes keeping their Pin safe and secure - if they don't, card issuers may refuse to cover the cost of fraudulent transactions.
The old generation of chipless cards will continue to be accepted by retailers, some of whom have yet to update their systems.
For the time being, people with the new cards but who forget their Pin will still be able to sign a paper receipt, but that bypass facility will not remain indefinitely, Ipso warns.
Cardholders who have trouble remembering their Pin should use ATMs to change it to a number with which they are comfortable, O'Mahony advises.
But according to Ipso, the smooth euro changeover three years ago suggests that Irish consumers won't be flummoxed by the transition to chip and Pin.
