Bart Perkins: Forget the expense -- more secure credit cards are an opportunity
Cost has kept U.S. businesses from adopting fraud-resistant credit cards, but consumer concerns about privacy could make adoption a key differentiator
Computerworld - We're finally ready to get serious about credit card fraud in the U.S. Is your IT department ready for the changes that are heading its way?
U.S. merchants and credit card issuers must implement the EMV credit card standards, requiring embedded chips, by October 2015, or they will be held responsible by Visa, MasterCard and other large credit card companies for the cost of any fraudulent in-person transactions.
Europe's credit cards have been more secure available than those in the U.S. for years. The financial losses caused by fraud hadn't been high enough in the U.S. to spur any change, and businesses were willing to absorb the losses. But then criminals started to target the easier-to-clone U.S. cards, and U.S. credit card fraud doubled over the last 10 years. Still, while credit card fraud now costs the U.S. roughly $1.1 billion, that amount is overshadowed by the approximately $8 billion required to issue new cards and install new card readers in hotels, restaurants, stores and other credit card-reliant businesses.
In business, cost is usually the great justifier when it comes to change. But in this case, it just hasn't been sufficient. But things are changing, and that's because privacy concerns are providing the catalyst to migrate to higher-security cards. The revelations about National Security Agency spying were scary, and the Target breach and other high-profile data losses heightened privacy concerns. The public does not believe that businesses or the government adequately protects consumer data. The final impetus for the migration was the December 2013 Senate Commerce Committee report that revealed that private U.S. data brokers collect enormous amount of data and can identify who suffers from diabetes and who faces financial difficulties. They even know how much time someone spends watching YouTube!
EMV credit cards are significantly more secure than the current magnetic stripe. Each card contains a microchip that encrypts every transaction differently, making the cards extremely difficult to clone. Even if credit card numbers are stolen from a repository, the consumer's personal information is unavailable. The most secure credit cards, known as "chip and PIN," allow the consumer to retain physical possession of the card at all times. Rather than giving the card to a clerk, who could copy critical information, the consumer is handed a portable point-of-sale reader that requires a PIN to complete the transaction.
Although banks and merchants are still debating whether to adopt a full European-style chip-and-PIN approach or a hybrid chip-and-signature approach that would be more familiar to the U.S. consumer, either would be a significant improvement over the current situation.
More by Bart Perkins
- Bart Perkins: Forget the expense -- more secure credit cards are an opportunity
- Bart Perkins: A project staffing worst practice
- Bart Perkins: How to keep projects on track
- Bart Perkins: Power to the people's devices
- Bart Perkins: Pester no more: How to handle the FCC's new rules on robocalls
- Bart Perkins: 3D printing is IT's next big challenge
- Bart Perkins: Benchmarking is great, when it's not a waste
- Bart Perkins: Global standards, meet local constraints
- Bart Perkins: Congratulations on your new supplier. Got a good prenup?
- Bart Perkins: Can't buy you love
- Improving IT Efficiencies: Four Advantages of Multi-Tenant Data Centers Increasing demands on IT are forcing organizations to rethink their data center options. For many organizations, that means turning to the flexibility afforded...
- Accelerating Cloud Deployment and Operations with Managed Services Companies that do not have sufficient in-house expertise to either deploy or maintain an IaaS cloud should turn to Managed Service Providers .
- Rethinking IT Operations in the Cloud This paper breaks down the challenges that often prevent the cloud from delivering the fast, flexible and affordable infrastructure companies seek - and...
- Gartner Magic Quadrant for Cloud-Enabled Managed Hosting, North America Cloud-enabled managed hosting brings cloudlike consumption and provisioning attributes to the traditional managed hosting market
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Retail White Papers | Webcasts