With all the headlines of significant data breaches—most recently the hacking of potentially 18 million federal government employees—consumers and taxpayers are rightfully concerned about security improvements and whether their personal and financial information is protected. There is no question that serious action is needed to combat the epidemic of fraud brought about by criminals targeting American companies and government agencies.
Retailers are on the front lines in the fight to stop these breaches, upgrading the payment ecosystem in our stores to accept new "chip" credit cards that are harder for criminals to duplicate. A recent column on CNBC suggested that consumers don't forget data breaches. Retailers know that consumers are concerned about their privacy and are already spending billions to upgrade payment terminals in stores.
The cost of the transition to chip cards for financial institutions and businesses that use point-of-sale terminals will be significant. According to the Congressional Research Service, the cost is expected to be between $6 billion and $8 billion—of that amount a hefty 75 percent will be paid by merchants, making the transition to Europay, MasterCard and Visa (EMV) technology three times more expensive for them as for the issuers.
Consumers can already see these improvements for themselves at most large retailers, as many have already installed the new machines designed to accept chips cards. Retailers are currently testing these machines and are getting the software installed to meet an October 1 liability-shift deadline.
However, retailers are only half of the equation. As stores make strides to provide the best security available at checkout, banks and credit unions have been slow to issue the new chip cards that will be accepted at the register. Any consumer looking in their wallet or purse will likely find that more than half the cards they carry are likely to be the old "swipe" cards. These cards will still work, but they won't offer the same security. As retailers make investments to improve security at the point of sale, so, too, must the banks and credit unions by stepping up replacement of the cards in every customer's wallet.
Retailers are also asking card issuers to take more than a half step, and issue "chip and PIN" cards to American consumers. As it currently stands, banks are only issuing "chip and signature" cards in the United States, a less secure standard as signatures can easily be forged. It has been reported by the Federal Reserve that including a PIN makes a transaction up to 700 percent more secure, yet to date, banks are not issuing these cards to American customers.
Chip and PIN cards aren't rare, in fact they are the standard in virtually every other industrialized nation except the United States. Countries that have implemented chip and PIN technology have reported a significant decrease in card fraud, yet these are not the cards being issued in the United States today.
Retailers are making a massive investment to accept the most advanced forms of payment, but it's up to the issuing banks and credit unions to provide the more secure chip and PIN cards to their customers. Mobile-payments technology and tokenization will play an important role in the payments ecosystem as technology continues to improve and become more readily available. But today there are more than 1.2 billion credit cards in circulation, and the vast majority of purchases will still be made using cards for the foreseeable future. The fastest, easiest and smartest thing we can do to make transactions more secure in the near term is to upgrade credit cards with Chip and PIN technology. Retailers are making the investments needed to accept them, but we need the financial industry to make the same commitment.
Commentary by Brian Dodge, executive vice president of communications and strategic initiatives at the Retail Industry Leaders Association (RILA). Follow RILA on Twitter @RILAtweets.