Data breaches require PINs

“Cyber Week” on Capitol Hill has come and gone, but it appears Congress has made significant strides in finally beginning to close some of the gaps in the country’s data security systems. With several cybersecurity bills underway—protecting Americans’ personal information is now a legislative priority. 

And while it is certainly significant that Congress is on the right track in addressing these problems, there is a crucial component missing from the dialogue: payment security. As such, we are calling on government leaders to help make chip and PIN technology for credit and debit cards a reality in the U.S.

ADVERTISEMENT
In a letter sent today to Congress, the White House, the Federal Reserve and the Consumer Financial Protection Bureau, we, along with the consumer-education campaign ProtectMyData and national nonprofit DiverseTech, are asking the nation’s leaders to acknowledge the importance of improving credit card security. Without an institutional and universal solution to our failing payment security systems, consumers will continue to remain vulnerable to fraud.

We are urging Congress to increase pressure on the country’s largest credit card issuers to ensure they are providing consumers with the best possible safeguards to protect consumers and their financial transactions.

In recent years, we’ve seen a dramatic rise in the severity and intensity of data breaches. This seemingly never-ending trend has left countless American consumers and businesses victims of data theft and financial fraud.

With improved payment security, however, much of the fraudulent activity could be—and would have been—prevented.  Our archaic credit card technology relies on the decades-old magnetic stripe model, which requires a signature as a secondary form of verification. While many card issuers are increasingly deploying new chip-enabled cards that encrypt data at point-of-sale terminals during transactions, those cards still rely on a signature as a secondary form of verification – a system that provides little to no added protection. Signature verification is not a credible element of security as it can be easily forged or altogether ignored.

Chip and PIN cards, on the other hand, provide two unique security features. First, the encrypted microchip encodes each transaction at the point-of-sale terminal so that a consumer’s information cannot be duplicated. Then, a consumer must verify his or her identity by entering a PIN number. Only after both those conditions are met is a transaction authorized.

Evidence of chip and PIN’s benefits and heightened security protections were highlighted by an Executive Order issued by President Obama last October requiring chip and PIN technology for government issued credit cards and upgrading point-of-sale terminals at federal buildings. This was an important step, but more must be done to expand these protections for all Americans.

Since payment processes are increasingly diverse and connected to extensive networks and data centers, ensuring their security at the point-of-sale is a critical step in protecting American consumers and catching up to the rest of the world. Only the dual chip and PIN combination provides Americans the safeguards they deserve.

Chip and PIN cards have long been the standard around the world, particularly in Europe, Australia, South America, and parts of Asia and Africa, where each have experienced a sharp decline in counterfeit and fraudulent transactions. For instance, the two-prong protection reduced in-store fraud in Canada by 50 percent and 70 percent in the United Kingdom.

Consumers expect and deserve the same standards in the United States. And our collective goal is to ensure this issue is of the utmost importance to policymakers in Washington, D.C. and around the country.

While we applaud Congressional efforts to improve public and private security measures and are encouraged by the bipartisan approach to strengthen consumer protections, a gaping hole remains if payment security is overlooked. Given the success of chip and PIN around the world, and its proven ability to reduce fraud, it is clear this technology is an important part of safeguarding the financial transactions millions of Americans make every day. Congress must not neglect this reality any longer.

Keenan is president and CEO of the Multicultural Media, Telecom and Internet Council. Mendoza is the executive director of the Hispanic Technology and Telecommunications Partnership.