Industry Groups Back White House Action on Data Security

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://associationsnow.com/2014/10/industry-groups-back-white-house-action-on-data-security/

U.S. credit and debit cards are about to get a major upgrade after
President Obama signed an executive order last week that will require the
federal government to begin using microchip technology. Banks and retailers
applauded the move.

Apple Pay, which officially rolled out on Monday, isn’t the only threat to
the standard magnetic stripe debit and credit cards that live in American
consumers’ wallets.

An executive order signed by President Obama last week may help bring an
end to the card-swiping era even sooner than expected. The measure aims to
improve security for federal credit and debit cards by switching to the
microchip and PIN cards (also called EMV-enabled cards) that are prevalent
throughout the rest of the world but which U.S. banks and companies have
been slow to adopt.

Along with signing the order, Obama urged those same banks and retailers to
join the government’s effort in fighting back against the increasing threat
of data breaches and identity theft. In just the past week, Staples and
Kmart became the latest major retailers to confirm breaches, joining a long
list of companies that have been hacked in the past year.

“The idea that somebody halfway around the world could run up thousands of
dollars in charges in your name just because they stole your number, or
because you swiped your card at the wrong place in the wrong time, that’s
infuriating,” Obama said at the signing event.

The White House also confirmed that major companies, including Target,
Walgreen, Wal-Mart Stores, and Home Depot, will roll out secure chip and
PIN-compatible readers, with most being available by January 2015.

While industry groups have been  pushing for a switch to the upgraded card
formats for years, they’ve had little success. After the president signed
the executive order, many of them announced their support.

“From insisting on PIN and chip cards to facilitating greater information
sharing among retailers and others sectors, we are committed to finding the
right answers with the latest technologies to stop these cyber thieves,”
National Retail Federation President and CEO Matthew Shay said in a
statement. “This is not an issue about large retail versus small, or global
financial institutions versus community banks and credit unions, or the
federal government versus municipalities. We all stand together in seeking
solutions to prevent criminals from accessing personal financial data
regarding our customers, investors and citizens through preventable data
breaches.”

Similar sentiments were shared by the American Bankers Association,
National Restaurant Association,  Electronic Transactions Association, and
several other industry groups. And small business owners—who might be
hesitant to upgrade their payment-processing technology because of the
potentially high cost—were urged to adopt chip technology in an article
posted on the National Federation of Independent Businesses website.

“U.S. merchants are not required to adopt chip technology, but we think
it’s a smart choice to protect their businesses from counterfeit fraud,”
Kim Lawrence, a consumer products executive at Visa, said in a Q&A with
NFIB. “Chip enablement could range in cost from nothing for software
activation to a few hundred dollars for a new terminal.”

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!