Matthew Shay, the president and CEO of the National Retail Federation, said in a recent letter to the editor in response to a Jan. 26 editorial that the retail industry has long stressed, with pushback from banks, the need to migrate to PIN and chip standards.
The Jan. 26 editorial said retailers can reduce their risk for a cyberattack by shifting away from magnetic stripe cards, which are associated with a number of security concerns, adding that American retailers “have resisted” the introduction of chip-based cards because of costs associated with the implementation of new technology, The New York Times reports.
Shay said, however, that retailers have pushed for the chip and PIN standards “for years, while the banks have balked at issuing them.”
“At best, [banks] want a chip but no PIN, locking the front door but leaving the back door open,” Shay said, according to The New York Times.
The editorial pointed to the recent Target breach and a Verizon study that found nearly 80 percent of cyberattacks in 2012 were of “low difficulty,” meaning intruders found trespassing to be easy. The editorial said firms should consider the information collected and stored, because keeping sensitive information places the company and consumers at risk.
Shay said retailers only keep data “because the banks require us to,” adding that retailers requested in 2007 that they be allowed to keep just an approval code per transaction, with banks storing data that could be used to commit fraud. He also said retailers requested end-to-end encryption of payment data.
“The banks have yet to make either change,” Shay said, according to The New York Times.
Shay said card fraud costs billions of dollars each year and ultimately undermines the trust of American consumers.
“Retailers are spending millions in an effort to ensure that consumers are protected, and are willing to work with all stakeholders toward a long-term solution even beyond PINs and chips,” Shay said, The New York Times reports. “But we can’t do it alone. It’s time for banks to put consumers first and offer American shoppers the same security already being used in 80 countries around the world.”