23 Jan NRF urges transition to more secure and advanced credit, debit cards
This week, The National Retail Federation sent a letter to congressional leaders outlining the retail industry’s commitment to protecting sensitive consumer data in the wake of the recent international cyber attacks and thefts.
“The National Retail Federation and our 12,000 members are committed to combating this criminal threat to our industry and our customers, and we strongly recommend the adoption of meaningful steps to fight cyber theft and credit card fraud,” NRF President and CEO Matthew Shay wrote in the letter sent to Senate Majority Leader Harry Reid (D-Nev.) and House Speaker John Boehner (R-Ohio).
The letter reiterated the retail industry’s long-held support for replacing current credit and debit cards with cards that would store data in an embedded computer micro-chip and require the use of a PIN rather than a signature. Current cards use easy-to-hack 1960s technology.
“For years, banks have continued to issue fraud-prone magnetic stripe cards to U.S. customers, putting sensitive financial information at risk while simultaneously touting the security benefits of next-generation PIN and Chip card technology for customers in Europe and dozens of other markets,” Shay said. NRF expressed its support for an immediate transition from magnetic-stripe cards to more-secure and advanced PIN and Chip cards to better protect consumer data from theft, hacking and skimming. PIN and Chip cards are widely used in more than 80 countries throughout Europe, Asia and Africa.”The retail industry is eager to work with banks and card companies to fight cyber attacks and reduce fraud,” Shay said. “These efforts include installation of sophisticated new PIN-enabled point-of-sale-systems and readiness to adopt cards with more secure microchip technology, but the fact remains that retailers cannot do this alone.”
UPDATE: The Independent Community Bankers of America (ICBA) has “expressed its shock and outrage” at the NRF letter:
“The NRF should focus its attention on responding to the harm that security breaches at several retailers have done to consumers and their financial institutions rather than hurling false allegations blaming the banking industry for these retail breaches,” ICBA President and CEO Camden R. Fine said. “Retailers and their processors” not “banks”are responsible for the systems in their stores that process payment cards. ICBA hopes that the massive retail security breaches at Target, Neiman Marcus and others will spur retailers to adopt security solutions going forward.”Nearly every retailer security breach in recent memory has revealed some violation of industry security agreements. In some cases, retailers havent even had technology in place to alert them to the breach intrusion, and third parties, like banks, have had to notify the retailers that their information has been compromised. Further, even card security controls such as chip and PIN technology would not have prevented the breach of personal information of more than 70 million U.S. consumers. Retailers must step up to the responsibility that comes with handling personal information of consumers.
(Photo by StockMonkeys.com.)