This video explains it all, even if the title sounds inflammatory. But the main reason are language barriers and different regulations among European states. Also, as someone mentioned, some countries have their own payment systems but got bought by American companies, which is the same thing that happens with other European firms.
The chip payment standard used on modern cards and terminals falls under a specification called “EMV”, which was name after the three companies that made the standard - Europay, MasterCard and Visa.
Europay merged with MasterCard in 2002.
Source: used to write software to validate and test EMV.
Also the US payment systems and the European payment systems are identical (same standard) but implemented badly in the US, that’s why it’s much faster in Europe. I have several war stories about all this.
A point of clarification before I begin though - when I talk about chip cards or smart cards, I mean cards equipped with an EMV chip in them. The USA was one of the last countries to adopt this technology, only doing so roughly in the last 10 or so years. The technology has existed since the 90’s (when Europay still existed) and gets regular updates to add new encryption schemes and security gubbins, so while it’s 90’s technology, it has been updated since (Today’s cards use AES and ECC).
Prior to that adoption, the USA basically refused to use them because of the cost (Cost of cards, cost of new terminals, cost of upgrading legacy infrastructure), however they wanted all the modern conveniences like contactless payments - so those first contactless cards were equipped with simple RFID chips. You know the kind, the ones that just spew out static data. Those are the ones the Mythbusters guys investigated and were forced to not air their findings because they’re so dogshit insecure (and where the idea of someone walking down the street with a big RFID reader hoovering up credit cards comes from).
With an EMV chip card, you can’t do that. Those chips are like mini computers, they don’t just spew out static data like your card number, they do challenges and responses, they do encryption, MAC’s, the works. They really are quite secure. A transaction works in such a way that the card doesn’t trust the terminal and the terminal doesn’t trust the card, they validate each other and at any time either of them can say “Nah fuck this, I want to talk to the Bank” - this is called “going online” and if that doesn’t work, the transaction is aborted.
The point of all of this preamble is to say that it’s actually really difficult to perform fraud on a proper chip card (And again I’m talking about EMV chips, not RFID chips). Not impossible, but very difficult to the point where it’s usually not worth it.
So, to try and push adoption of the EMV standard in the USA, the big issuers (Your Mastercards and your Visas) tried to push what they termed the “Liability shift”. To put it simply, they’d say something like “If you don’t support EMV by November 15th, any fraud in your shop/bank/whatever will come out of your pockets, not ours”. Meanwhile, they charged a fee (like 2%) on every transaction to cover fraud. So as a shopkeeper, you’d lose an extra 2% (or whatever it was) on every sale, but if someone came in and bought 10 big-assed TV’s using a stolen or cloned card, you didn’t lose that money.
The problem is, no shops or businesses were going to upgrade all their equipment any time soon and certainly not before their banks could support it. Likewise the banks didn’t want to spend all that money and then tell their clients to buy all new equipment - they were afraid of losing customers because why would a customer spend thousands on a new terminal to stick with the same bank, they may as well shop around.
This weird stalemate meant that adoption was basically nill, so the issuers had to keep pushing back the liability shift over and over. Each time they got a little bit firmer, a sort of “Okay it’s now October next year before you need to adopt EMV but this time we mean it for realsies!”. This went on for YEARS and years until one day, Mastercard decided “you know what, fuck it, we’re not going to bother at all”. It turns out, those fees for protecting against fraud? They were lucrative. They made shitloads of money from it, way more than what the actual fraud was costing them.
We got told in advance that an announcement was going to go out - pushing back the liability shift “Indefinitely”, which was a real bummer for us because we were about to make shitloads of money selling testing tools and equipment to every fucker who suddenly needed to adopt EMV. Then, literally like 4 days before that announcement was due, a miracle happened - Target got hacked.
Yes, that target hack from 2013 where like 40 million credit cards were leaked onto the internet. The hack that made national news for weeks, the one that rustled the jimmies of everyone who had ever set foot inside a target. There was the biggest credit card breach on record, costing hundreds of millions of dollars in fraud and untold bad blood for tens of millions of customers and Mastercard was about to make an announcement to the effect of “Hey we’re going to cancel the one thing that would have prevented all this impending fraud from ever being able to happen”.
Yeah, they didn’t make that announcement. Instead, they put their foot down and suddenly the USA woke the fuck up and decided to finally adopt chip card technology.
(And of course they did a shit job of it, but that’s another story for another day).
France still has one. It’s called CB (Carte Bleue) and is working alongside Visa and Mastercard. Notoriously, some years ago Visa was down for a day and it impacted lots of countries except France because everyone fell back to the CB Network.
A lot of countries in Europe have widely used country-specific payment systems.
The problem is those which don’t as well as the system of one country not being usable in other European countries so it falls back to VISA or Mastercard to use your card when abroad or for online purchases from businesses based in other countries.
Canada seriously needs this too. While we do have Interac for debit I much prefer the safety of a credit card after several relatives have had their cards skimmed etc
Hell, if they started with a “Canada only” card I’d be 100% ok with that as my primary
The advantage of Visa/Mastercard is that they work anywhere.
Europeans are rich and like to travel all over the world, so they want their cards to work everywhere too. Or order stuff online from abroad. Why bother using some local payment processor that barely works if you can just use your Visa card?
Independent payment systems only work in countries that are poor (where people don’t travel or buy stuff from abroad) and/or isolated by sanctions or internal restrictions.
the EU has the power to legislate that their version be offered in a non-discriminatory way anywhere cards with comparable fees are offered… similar to requirements to accept Euros etc
i could for sure see that having a “globally” requirement tacked onto it, arguing that if it’s implemented in Europe and is comparable or better for fees then it’s discriminatory rather than economic to not offer it elsewhere
that’s what i mean about the globally requirement. there are plenty of companies that operate globally, so they could probably mandate that it’s accepted by these companies anywhere they do business
probably couldn’t mandate it for companies that don’t operate in the EU, but if it makes good business sense then they wouldn’t need to. the original mandates IMO are just needed for critical mass
How the fuck does Europe not have it’s own payment system yet?
For one, visa and all the other US payment systems, suuuuuck. I never understood why nobody came up with something better, this just seems lazyness.
Buy hey, better late than never
This video explains it all, even if the title sounds inflammatory. But the main reason are language barriers and different regulations among European states. Also, as someone mentioned, some countries have their own payment systems but got bought by American companies, which is the same thing that happens with other European firms.
The actual answer: they did.
The chip payment standard used on modern cards and terminals falls under a specification called “EMV”, which was name after the three companies that made the standard - Europay, MasterCard and Visa.
Europay merged with MasterCard in 2002.
Source: used to write software to validate and test EMV.
Also the US payment systems and the European payment systems are identical (same standard) but implemented badly in the US, that’s why it’s much faster in Europe. I have several war stories about all this.
I want to hear those war stories.
I’ll give you a fun one.
A point of clarification before I begin though - when I talk about chip cards or smart cards, I mean cards equipped with an EMV chip in them. The USA was one of the last countries to adopt this technology, only doing so roughly in the last 10 or so years. The technology has existed since the 90’s (when Europay still existed) and gets regular updates to add new encryption schemes and security gubbins, so while it’s 90’s technology, it has been updated since (Today’s cards use AES and ECC).
Prior to that adoption, the USA basically refused to use them because of the cost (Cost of cards, cost of new terminals, cost of upgrading legacy infrastructure), however they wanted all the modern conveniences like contactless payments - so those first contactless cards were equipped with simple RFID chips. You know the kind, the ones that just spew out static data. Those are the ones the Mythbusters guys investigated and were forced to not air their findings because they’re so dogshit insecure (and where the idea of someone walking down the street with a big RFID reader hoovering up credit cards comes from).
With an EMV chip card, you can’t do that. Those chips are like mini computers, they don’t just spew out static data like your card number, they do challenges and responses, they do encryption, MAC’s, the works. They really are quite secure. A transaction works in such a way that the card doesn’t trust the terminal and the terminal doesn’t trust the card, they validate each other and at any time either of them can say “Nah fuck this, I want to talk to the Bank” - this is called “going online” and if that doesn’t work, the transaction is aborted.
The point of all of this preamble is to say that it’s actually really difficult to perform fraud on a proper chip card (And again I’m talking about EMV chips, not RFID chips). Not impossible, but very difficult to the point where it’s usually not worth it.
So, to try and push adoption of the EMV standard in the USA, the big issuers (Your Mastercards and your Visas) tried to push what they termed the “Liability shift”. To put it simply, they’d say something like “If you don’t support EMV by November 15th, any fraud in your shop/bank/whatever will come out of your pockets, not ours”. Meanwhile, they charged a fee (like 2%) on every transaction to cover fraud. So as a shopkeeper, you’d lose an extra 2% (or whatever it was) on every sale, but if someone came in and bought 10 big-assed TV’s using a stolen or cloned card, you didn’t lose that money.
The problem is, no shops or businesses were going to upgrade all their equipment any time soon and certainly not before their banks could support it. Likewise the banks didn’t want to spend all that money and then tell their clients to buy all new equipment - they were afraid of losing customers because why would a customer spend thousands on a new terminal to stick with the same bank, they may as well shop around.
This weird stalemate meant that adoption was basically nill, so the issuers had to keep pushing back the liability shift over and over. Each time they got a little bit firmer, a sort of “Okay it’s now October next year before you need to adopt EMV but this time we mean it for realsies!”. This went on for YEARS and years until one day, Mastercard decided “you know what, fuck it, we’re not going to bother at all”. It turns out, those fees for protecting against fraud? They were lucrative. They made shitloads of money from it, way more than what the actual fraud was costing them.
We got told in advance that an announcement was going to go out - pushing back the liability shift “Indefinitely”, which was a real bummer for us because we were about to make shitloads of money selling testing tools and equipment to every fucker who suddenly needed to adopt EMV. Then, literally like 4 days before that announcement was due, a miracle happened - Target got hacked.
Yes, that target hack from 2013 where like 40 million credit cards were leaked onto the internet. The hack that made national news for weeks, the one that rustled the jimmies of everyone who had ever set foot inside a target. There was the biggest credit card breach on record, costing hundreds of millions of dollars in fraud and untold bad blood for tens of millions of customers and Mastercard was about to make an announcement to the effect of “Hey we’re going to cancel the one thing that would have prevented all this impending fraud from ever being able to happen”.
Yeah, they didn’t make that announcement. Instead, they put their foot down and suddenly the USA woke the fuck up and decided to finally adopt chip card technology.
(And of course they did a shit job of it, but that’s another story for another day).
France still has one. It’s called CB (Carte Bleue) and is working alongside Visa and Mastercard. Notoriously, some years ago Visa was down for a day and it impacted lots of countries except France because everyone fell back to the CB Network.
Also in Italy with Bancomat. But still, wouldn’t it be nice if you could use a European card across all Europe?
Europe has everything of its own. But it’s almost always country-specific.
A lot of countries in Europe have widely used country-specific payment systems.
The problem is those which don’t as well as the system of one country not being usable in other European countries so it falls back to VISA or Mastercard to use your card when abroad or for online purchases from businesses based in other countries.
Canada seriously needs this too. While we do have Interac for debit I much prefer the safety of a credit card after several relatives have had their cards skimmed etc
Hell, if they started with a “Canada only” card I’d be 100% ok with that as my primary
The advantage of Visa/Mastercard is that they work anywhere.
Europeans are rich and like to travel all over the world, so they want their cards to work everywhere too. Or order stuff online from abroad. Why bother using some local payment processor that barely works if you can just use your Visa card?
Independent payment systems only work in countries that are poor (where people don’t travel or buy stuff from abroad) and/or isolated by sanctions or internal restrictions.
Or just 100 km to cross the border and it’s already another country. Or if you live in a border town, it might be a short walk lol
the EU has the power to legislate that their version be offered in a non-discriminatory way anywhere cards with comparable fees are offered… similar to requirements to accept Euros etc
i could for sure see that having a “globally” requirement tacked onto it, arguing that if it’s implemented in Europe and is comparable or better for fees then it’s discriminatory rather than economic to not offer it elsewhere
Other countries need to implement it too
that’s what i mean about the globally requirement. there are plenty of companies that operate globally, so they could probably mandate that it’s accepted by these companies anywhere they do business
probably couldn’t mandate it for companies that don’t operate in the EU, but if it makes good business sense then they wouldn’t need to. the original mandates IMO are just needed for critical mass
The same like with EVs :) ceos could cut off profits without worrying about innovation
Btw in Poland we blik, as I remember 6 polish banks has equal shares and 1/7 has mastercard.
At least there some profit stays in Eu…