Yeah, the TWiET podcast made a big deal recently about how chips are finally making their way to their cards. I couldn't help but laugh. IIRC, Norway had those since the late 80s. And in Australia, Paypass/Paywave is near ubiquitous now. I think the US is way behind in their banking infrastructure.
I used to work at the largest merchant acquirer in the US and it's funny to see people claim these features just now making it to the US were signs of innovation lacking within the US. However, the reason these features were necessary outside the US is because the risk model was more severe outside the US; there was no need to implement them here. I have a presentation from Mastercard somewhere from 2006 that showed the dates for mandatory chip&PIN around the world the didn't include the US b/c we didn't need it. At the same time, I had flip phones on my desk from Motorola and Samsung with NFC integrated.
Edit to add: This is not a tech issue, it is politics and the like.
Weird, because most of the data I can find shows that the US has one of the highest rates credit card fraud in the developed world. Australia being very far down the list typically, and yet we got chip & pin and Paywave/Paypass well before most other places
Before the internet, and before its pervasiveness (~2010), all, then most, of the credit card transactions were 'card-present.' The US still leads in fraud prevention for 'card-present' transactions. The US was optimized for these transactions, so the internet has been a bit of a hassle and or opportunity (e.g. paypal).
Paywave/Paypass is about convenience, rather than security. It is less secure than chip and pin.
Fraud was a lower risk to credit card companies in America because [1] they were better at detecting and preventing fraudulent transactions, and were better at passing on the costs of fraud to retailers and consumers.
My understanding (I wasn't in the fraud department) was that the US historicaly had better connectivity (leased ISDN lines), and was doing fraud detection in the 'cloud' (i.e. soft real-time). Most other countries had to rely on connectivity-free authorization and ISO 7816 was a better fit there (smartcards with onboard storage and authentication methods).
