This is a confusing and off-topic discussion with respect to network engineering.
But for completeness:
Payments systems are architected by fraud rates, not by isolated security requirements or engineering mandates, as i think most network engineers can understand.
The fraud rates in the US for credit card transactions were historically very, very low and being a large jurisdiction with a single national law enforcement branch (the FBI) enforcement was effective.
Compare this to Europe in the 1980s when credit cards were accepted very few places. This was for two reasons:
1) the fraud rates were much, much higher, which created chargebacks for merchants that they preferred not to eat;
2) trans-national enforcement was virtually nonexistent. interpol had ~zero time to deal with credit card fraud.
so the best european fraud rings always operated from a different country than where they perpetrated the fraud.
when chip-and-pin was introduced, the point was actually twofold:
A) security
B) shifting liability to the consumer
somewhat famously, even after chip-and-pin was proven compromised, UK banks continued to make consumers liable for all fraudulent transactions that were 'pin used'. this was very, very good for the adoption of credit cards in europe but it was very, very bad for a few people. banks, as usual, didn't are and made some decent money.
So why did the US get pin-and-signature? Target.
International fraud rings finally got wise to the ripe opportunity that was the soft underbelly of the US economy and figured out ways to perpetrate massive, trans-national fraud in the US. and as soon as that happened, the US got chips. the signature-vs-pin part is mostly about the fact that there are *still* low rates of fraud here as tracked by chargeback rates and as a result there's no real need to pay the cost of support to set everyone up with a pin.
and that's what security is always all about: cost tradeoffs. people in countries where everyone has a pin have eaten that cost already and had to because the fraud rates were high enough to justify it. people in the US do not have PINs that they know and setting those up costs money and maintaining people's access to them costs money. so if that's not worth it, it doesn't get done. nor should it.
i generally find it amusing when people from other countries mock the US for not having PINs. this is just another way of saying "my country has high fraud rates and yours appears not to." :-) . you can see this in the comment below "If we were swipe-based here, we'd all be
broke :-).". the payments systems are architected to minimize cost and maximize adoption and they are usually at (or moving towards) some locally optimal point. the US is no exception in that.
now, the checking/chequing system is a whole other, embarrassing beast and mocking that one is just the correct thing to do. :-)
anyway, let's talk about networks, no?
cheers,
t