Credit card fraud alerts and potential financial mayhem caused by data breaches have found their way into the headlines too often in the last several weeks.
Retailers and other businesses in Illinois are making their best efforts to secure databases and the consumer information they process in the face of organized and highly talented crime syndicates. But while we are attempting to protect our customers, we are also calling on banks to join the crusade: Financial institutions must commit to investing in 21st century credit card technology.
The time has come for banks to abandon their outdated credit cards and transition to the significantly more secure chip-and-PIN card used in the rest of the modern world. The United Kingdom enjoyed a 69 percent reduction of fraud at the point of sale after it transitioned to the chip-and-PIN card. Even Iran and North Korea have abandoned magnetic stripe credit cards and implemented a chip-and-PIN credit card system.
American banks have created, monitored and enforced the current security standards, payment system, and outdated credit cards that are under attack from hackers all over the world. Data security experts have repeatedly noted that criminals worldwide are focusing on the U.S. because of its outdated credit cards and processing system. The U.S. Department of Justice estimates that between 2005 and 2010, credit card fraud related incidents increased 50 percent in the U.S. As a direct result of this systematic failure, U.S. consumers currently account for 47 percent of the worldwide payment card fraud losses, while only accounting for 30 percent of the worldwide transactions.
Despite these overwhelming statistics, banks appear to be willing to continue risking consumer safety by attempting to shift responsibility to retailers rather than investing in a more secure payment system. It is estimated that it would cost $1.9 billion to issue chip-and-PIN credit cards. To put this cost in perspective, the banks collected $41.2 billion in interchange fees alone. Ironically, a portion of interchange fees is supposed to pay for security.
For inexplicable reasons, the banks have alternatively considered adopting their own proprietary chip-and-sign credit card. Chip-and-sign credit cards carry the same fraud risks that are associated with the current magnetic stripe credit cards. The chip-and-sign card is a profitable option for the banks, but the cards do not provide better security for consumers and businesses
Retailers and their customers are victims of the banks' failure to invest in the overwhelmingly more secure chip-and-PIN system that is proven to significantly reduce the ability of thieves to steal information. Nationally, retailers spend $6.47 billion a year on fraud prevention. This includes paying substantial fees to banks in order to remain compliant with their flawed security standards. Despite the money spent protecting their customers, retailers lost $4.16 billion as a result of credit and debit card fraud in 2012.
It is disappointing to see banks trying to blame retailers and other businesses when the banks designed, implemented and continue to support a system universally blamed by security experts as one of the biggest reasons for data breaches. It is time for consumers and businesses to demand the banks have the same concern for their U.S. customers they have had for their customers in the rest of the world and implement the more secure chip-and-PIN system.
In a state where the financial challenges are many, Illinois cannot afford to wait for chip-and-PIN technology any longer. However, we must be also wary of reactionary legislation but instead carefully form a national solution that is needed to protect customers who shop from coast to coast.
• Rob Karr is president and CEO of the Illinois Retail Merchants Association.