Menu
ABA Banking Journal Home
Menu

Target… And it only gets worse!

As long as the U.S. remains a mag-stripe country, fraud will soar

Target… And it only gets worse!

Much has been written regarding the Target system data breach compromising approximately 40 million cards. This is not the first major breach we have read about and won’t be the last. It seems as though they are becoming more frequent and bigger—at least from my perspective—and the situation is getting worse.

Yes, the consumer’s trust has been shaken and some have taken legal action against Target to try to recover funds lost and to hold Target accountable. The theme: If you want my business and my trust then you need to do a better job taking care of the financial information I entrust you with! I expect to see more of this type of activity in the future.

The financial industry has also been adversely impacted in regard to this event. First comes the calls, then the refunds, then it is the fees financial institutions pay their processors to try and get to the bottom of all of these fraud calls. Then comes the inevitable, the reissuing of cards. The rough estimate, 40 million cards times $10 each. Yup, no less than $400,000,000 minimum to re-issue the compromised cards. Did I neglect to tell you that there is a MO-HUN-DUS amount of money made in the card fraud card replacement business?

Who pays for this? At first blush it is the financial institution, not the processor and not the merchant or retailer that has been compromised. Over time, we all pay, some just pay sooner!

The point to be made is that we as an industry need to get serious about debit and credit card security. Another fraud wave is building in North America and it has to do with the mag-stripe on the back of the plastic cards we use and the lack of encryption versus the EMV initiative which is often referred to the Chip + Pin security feature being implemented throughout Europe, Canada and Mexico.

We found out through the Target compromise that card data stored at retail merchants is not encrypted, with exception of pin data.

As mentioned in an earlier blog on EMV technology and encryption, by 12-31-15 mag-stripe debit card transactions will no longer be accepted at point of sale (POS) terminals in Canada.

The United States will be the only country in North America where the cards will continue to have unencrypted data encoded on the mag-stripe and you can be assured that our card fraud is on the increase in a big way. Every financial institution should require more of their processors and of MasterCard, Visa, American Express and Discover when it comes to security, security devices and systems.

There are bigger targets out there than Target! Let’s hope your institution is not one of them.

The Wombat!           

Dan Fisher

Dan Fisher is president and CEO of The Copper River Group, a consulting firm headquartered in Fargo, N. D., that focuses on technology and payment systems research and consulting for community financial institutions. For nearly 30 years, Fisher has worked in the financial industry using technology to improve the bottom line. He was CIO of Community First Bankshares (now part of Bank of the West), has served as a director of the Federal Reserve Board of Minneapolis, the chairman of the American Bankers Association Payment Systems Committee, and was a member of the Independent Community Bankers of America Payments Committee. Fisher has written numerous articles on banking technology and the payments system. He has authored or co-authored six books and recently published a book titled, "Capturing Your Customer! The New Technology of Remote Deposit." You can contact Fisher at dan@copperrivergroup.com.
P.S. To understand Dan's nickname, check out "About the Wombat" on his website.       

back to top

Sections

About Us

Connect With Us

Resources