Viewing results for:
Over the past few months all payments stakeholders have taken a major step forward in payments security. Millions of Americans have received chip cards and thousands of retailers have taken steps to turn on chip readers, making those cards virtually impossible to counterfeit. Instead of a applauding this step forward, a small number of retailer trade associations have instead focused their efforts on mandating the use of PINs to authenticate transactions. This single-minded campaign has generated bemusement among security experts who recognize that PINs would not stop merchant breaches, like those at Target, Home Depot or Michael’s and that PIN fraud has increased threefold between 2004 and 2012. And now, it is increasingly clear that this campaign doesn’t even align with the positions and experiences of many of the retailers who belong to these trade associations.
A recent column by Penny Crosman on whether cards with newer chip technology should be paired with a signature or PIN, for added security, came down squarely on the side of using PINs. But the article overlooked a key fact in the debate: neither is the most important defense against fraud. It’s the chip that matters.
Today a small number of Attorneys General signed onto a letter regarding chip and PIN. Contrary to the claims of a small group of retailer trade associations, PIN would have done nothing to prevent the breaches at Target, Home Depot, Michael’s and other retailers. This campaign to mandate PIN is an attempt to prevent the adoption of common sense data security standards, which could protect consumers by preventing hackers from stealing data from big box retailers. Securing the payments system requires multi-layered security solutions, including chip cards, tokenization, biometrics and encryption that devalue data and protect consumers from fraud. Instead of investing in this misguided campaign, retailer associations should work with their members to adopt these valuable data security solutions that the payments industry has committed to implementing.
The use of distractions in politics has skyrocketed in the past few years as candidates and others have realized how effective it can be to get the media talking about something else – anything else – when it’s you that’s under the glare of scrutiny. The strategy is often called “look, a squirrel!”, an allusion to the Pixar film Up in which dogs’ conversations are instantly paralyzed when any canine participant observes (or thinks he may have observed) a squirrel.
Last week U.S. House Small Business Committee held the second part of a hearing entitled “The EMV Deadline and What it Means for Small Businesses,” which was supposed to address payment security in the United States. Instead of providing Congress with useful information about how to help small businesses protect consumer data, large national retail associations used the hearing to push for a “security” solution – PIN – that wouldn’t have done anything to stop the breaches at Target, Home Depot or Michaels and won’t have a meaningful impact on overall payments fraud. Lost in this charade was the fact that the migration to EMV chip cards and the activation of chip readers by merchants is a critical step in further improving consumer protection. We’ve already seen tremendous progress; 60% of cards are expected to be chip-enabled by the end of the year, and half of all chip payment volume … Continue reading
Right now, federal policymakers are debating how best to protect consumer data from hackers, a discussion that is long overdue. The House Small Business Committee will convene their second hearing today on the major security upgrade that the financial services industry is bringing to payment cards. Our industry is proud of this upgrade, but more needs to be done, especially by other industries that customers entrust with their personal data. The bottom line: retailers need to focus on protecting their customers’ data before it gets breached.
Electronic Payments Coalition Applauds Congressman Luetkemeyer for Supporting Common Sense Security Standards for All
Consumer data protection is a major concern for Americans, particularly given the recent spate of large scale retailer data breaches. As such, it is increasingly important that Congress identify common sense security solutions to protect consumers’ personal and financial information. In an effort to advance this cause, Congressman Luetkemeyer announced his support today for the Data Security Act of 2015. “Consumers deserve to know that their information is safe in the hands of retailers,” said Sam Fabens, spokesperson for the Electronic Payments Coalition. “We applaud Congressman Luetkemeyer for supporting this important piece of legislation and hope that it will encourage others in Congress to follow suit.”
Today, the U.S. House Small Business Committee will hold the second part of a hearing entitled “The EMV Deadline and What it Means for Small Businesses,” which will address payment security in the United States. “Instead of providing Congress with useful information about how to help small businesses protect consumer data, large national retail associations are using this hearing to push for a ‘security’ solution – PIN – that wouldn’t have done anything to stop the breaches at Target, Home Depot or Michaels,” said Sam Fabens, spokesperson for the Electronic Payments Coalition.
What would happen if there was a decades-old drug that was only effective for a very small number of patients, had potential bad side effects and was rapidly being eclipsed by more effective drugs, yet a vocal minority continued to push this drug as the cure-all, and wanted to require everyone to take it? In all likelihood, no one would take this snake oil sales pitch seriously.
One billion. That’s the number of personally identifiable information records stolen through data breaches in 2014, according to a report from IBM and the Ponemon Institute. Even those who follow the news may be surprised by that number. The reality is that while a few major breaches have made headlines, most fly under the radar. There is no reason to believe that we will see any decrease in cyber assaults in the coming years. In fact, we expect them to rise as our lives increasingly move online. The payments industry has been on the front lines protecting against security threats, and has consistently risen to new challenges. Since 1999, financial institutions including credit unions have adhered to the stringent standards of the Gramm-Leach-Bliley Act that help safeguard consumers’ sensitive personal and financial information. Most recently, payments card issuers have been protecting consumer data through the use of new EMV chip … Continue reading