Maybe some good will come out of the data breach at Target.
It could speed-up the adoption of more secure credit card technology in this country – something that has dragged on for years.
Chip-based “smart cards” – already used in Europe – are difficult to counterfeit because the account information is encrypted and stored in an embedded microchip. Most point-of-sale transactions with these smart cards cannot be authorized without a PIN code. That’s why it’s called “PIN and Chip” technology.
Matthew Shay, president and CEO of the National Retail Federation (NRF), has sent a letter to the leaders of Congress, calling on the banking industry to switch from the easy-to-hack magnetic stripe to the more secure PIN and Chip.
“As long as bank cards continue to be issued with outdated and fraud-prone magnetic stripe (and signature) security, it is clear American card holders will remain largely unprotected,” he wrote.
Shay said retailers are “eager to work with banks and credit card companies” to reduce fraud. According to the NRF, credit card fraud cost retailers and bankers more than $11 billion in 2012.
Smart cards have been around since the 1990’s, but U.S. banks have stayed with the magnetic stripe – a security technology developed in the 60’s.
In the last few years, they have issued millions of chip-enabled cards, but they're still a very small part of the total market.
Visa, MasterCard, American Express and Discover want the U.S. converted to PIN and chip security by October 2015. After that date, they say, fraud losses will shift to the retailer if they don’t have point-of-sale payment terminals that read smart cards.
Industry observers blame both sides for the long delay in deploying this technology. Neither industry has wanted to move forward with the changeover because of the enormous costs involved.
“It’s time for both sides to stop debating and start working to solve the problem,” said Adam Levin, chairman and founder of IDentityTheft911. “We can no longer afford not to do this.”
Alphonse Pascual, a senior security and fraud analyst with Javelin Strategy & Research, believes the Target breach could be what it takes to finally get both sides to move on the issue.
“As a result of the Target breach, no one wants to be on the wrong side of the issue,” Pascual told NBCNews. “And this technology, which is a very well-understood symbol of credit card security around the world, is something both the financial and retail industries can rally around.”
While smart cards have been proven to reduce credit card fraud at the point of purchase, they don’t stop all fraud. The account number can still be used to make online or telephone purchases where the card does not need to be presented.
“We’ve got to start somewhere and this is an obvious solution,” Pascual said. “We know it works. And just because it won’t eliminate all fraud doesn’t mean it’s not worth doing.”