Cost has U.S. banks stalling on ID theft deterrent

Credit and debit cards issued in the U.S. continue to use magnetic stripes, but those same banks use a more secure chip-and-PIN system in other countries.

  • Pin It

Leah Padow knows from identity theft. She recently had five accounts at three banks compromised.

The fraud occurred in mid-November, so it was apparently unrelated to the digital break-in at Target, which began after Thanksgiving and resulted in the card numbers and personal information of up to 110 million customers being accessed by hackers.

And it was apparently unrelated to the hack attack on Neiman Marcus, which began last summer and resulted in at least 1.1 million customers' card numbers being jeopardized.

But that's little comfort to Padow, 36, of the San Fernando Valley.

"You feel like you've been invaded," she told me. "You feel threatened. You immediately have to drop everything and spend many hours trying to stop this from happening."

Businesses clearly need to be doing more to safeguard customers' personal information. I recently proposed that all corporate databases be encrypted and other security measures be put in place. I also called on lawmakers to impose hefty fines on any company that fails to protect people's info.

But that's only half the battle. What's also needed is an overhaul of credit and debit cards to make them less vulnerable to fraud.

And we're not talking rocket science here.

All we need to do is follow the example of about 130 other countries that have abandoned magnetic stripes, or mag stripes, on credit cards and equipped their plastic with harder-to-hack security chips. They also require that all card transactions include a personal identification number.

Everyone seems to agree that the United States needs to join the chip-and-PIN party. Frustratingly, though, various business interests are squabbling over who should foot the bill, rather than focusing on the best way to protect American consumers.

Chip-and-PIN cards became widely used in Britain a decade ago. Since then, fraud losses from counterfeit cards fell more than 63%, according to a 2012 study by the Federal Reserve Bank of Atlanta.

During the same period, the study found, the fraud rate involving mag stripe bank cards in the United States increased 70%.

"With a clear pattern of fraudsters targeting non-chip transactions, the United States faces a significant risk of continued escalating fraud as long as the payments industry relies on mag stripe technology," the Fed bank study concluded.

The National Retail Federation supports a switch to chip-and-PIN cards. The industry group sent a letter to congressional leaders last week calling for an end to America's use of "easy-to-hack 1960s technology."

"For years, banks have continued to issue fraud-prone magnetic stripe cards to U.S. customers, putting sensitive financial information at risk," said Matthew Shay, president of the federation.

Adding insult to injury, he said, U.S. banks don't hesitate to tout the security benefits of chip-and-PIN cards for their customers in Europe and elsewhere.

The banking industry recognizes a need for change. It just doesn't want to be saddled with the full cost of implementing a new credit card system nationwide.

Banks want retailers to help pay the tab, which could run as much as $8 billion to issue new cards and upgrade card readers in stores.

"Much has recently been made about the ongoing disagreements between the retail community and the banking industry over who is responsible for protecting the payments system," Frank Keating, head of the American Bankers Assn., said in a letter to Congress after the Target hack was revealed.

"In our view, it is a shared responsibility of all parties involved," he said.

  • Pin It

Local & National Video

Local & National Video