LOS ANGELES – The
recent data breach at Target
stores underscores the vulnerabilities of the current U.S. credit card system,
the Los Angeles Times reports.
Over the last decade,
most countries have adopted smart cards, which are credit cards that carry
information embedded on a microchip, rather than the U.S. preferred magnetic
strip. The former offers encryption that “has made the kind of brazen data
thefts suffered by Target almost impossible to pull off in most other countries,”
the Times wrote.
As a result of its less
secure credit card technology, the U.S. has become a target of hackers seeking
to steal credit card information.
"The U.S. is one
of the last markets to convert from the magnetic stripe," said Randy Vanderhoof,
director of the EMV Migration Forum. "There's fewer places in the world
where that stolen data could be used. So the U.S. becomes more of a high-value
target.”
Roughly 80 countries
use smart credit cards today, which allow for greater encryption and security.
Only about 1% of U.S. credit cards contain such technology.
"The U.S. is
slowly issuing these cards to users," said Joram Borenstein, vice
president of Nice Actimize, which helps companies analyze their security
systems. "It's harder to commit fraud against these cards. You have to
steal the chip information, and that's a lot more difficult."
The U.S. is slowly
moving toward smart credit card technology, with major card issuers laying out
a timeline for upgrading their card technology, many with an October 2015
deadline.
"The road map and
larger migration has provided issuers and merchants with the flexibility to
manage their business and technology decisions," said Jim Issokson, a
MasterCard spokesperson. "The decision on if, how and when EMV will be
implemented has been and will continue to be made independently by each issuer
and merchant.”
Paige Anderson, NACS director of government relations,
commented to NACS Daily:
“Consumers must have trust in their payment system to not
have their personal information stolen. Clearly, that trust has been broken
with the latest data breach incident. These data thefts, such as what happened
with Target, could be reduced with an encrypted PIN authentication — technology
that has existed for decades — on all card transactions. Tragically, powerful
special interests have stopped efforts to use this technology. As payment
technology evolves from the current magnetic strip on credit cards to EMV
chips, and eventually to a mobile wallet, a strong uniform authentication
process will be necessary to protect consumers and their personal information.”
For more on smart cards and EMV technology, see "A Chip on Their
Shoulder" in the
September 2012 issue of NACS Magazine.