GO
Loading...

US credit cards 'weakest link' for hackers: CEO

The failure in the U.S. to abandon magnetic strips for credit card chips makes American consumers more vulnerable to Target-like hacking attacks, said Martin Ferenczi, chief executive of Oberthur Technologies—a leader in chip payment credit cards.

In these smarter cards, also known as EMV cards, the magnetic strips are replaced by an embedded computer chip and PIN-number system for point-of-sales purchases. (EMV stands for Europay, MasterCard, and Visa—the companies that developed this payment standard, which is widely used outside of the U.S., although they cost much more to produce.)

(Read more: The dysfunctional state of America's credit cards)

"Our company has delivered to some major financial institutions in the U.S. cards in the millions for use overseas," Ferenczi said on CNBC's "Squawk Box" on Tuesday. "The world has moved to chip technology. So by definition, if the U.S. is not with chip technology, it becomes the weakest link, and the criminals focus on this geography."

In an exclusive CNBC interview that aired Monday, Target Chairman and CEO Gregg Steinhafel said he supports the EMV technology—especially in light of the cyberbreach at the retailer, which put the personal and credit credit information of as many as 110 million customers at risk.

(Read more: Target CEO 'still shaken' by breach)

But the difficulty and the expense of switching the entire U.S. payment system has created a "chicken-or-the-egg" situation between the nation's banks and retailers.

Banks don't want to start issuing the more costly smart cards—saying the retailers don't have the technology to read the new cards. Retailers say they don't want to incur the cost to switch to chip card readers, while banks are still issuing cards with magnetic strips.

Ferenczi acknowledges that the chip cards made by Oberthur Tech cost "between four and five times" more than magnetic strip cards.

Macy's Chairman and CEO Terry Lundgren told CNBC on that retailers, the banking and the credit card industries "should be working very closely together to figure out what is the right technology to protect the consumers … and then work around the solutions from there."

A series of upcoming, self-imposed deadlines is aiming to bridge the gap between the stakeholders. Banks have agreed to issue chip cards by October. In turn, retailers have agreed to install the new readers by October 2015.

Beginning in November 2015, if fraud occurs and a retailer was prepared to read a chip card but the bank was still issuing a magnetic strip card, then the bank will pay the fraud costs. If a bank issues a chip card and the merchant hasn't installed a chip reader, then the merchant will be responsible for the fraud charges.

Another reason that chip credit card hasn't been adopted in the U.S. is that the costs of fraud were too low relative to the upgrade costs, Ferenczi said.

But he argued that's changing, and the Target breach is a prime example of why moving to more secure payment methods "pales in comparison to any cost of fraud."

By CNBC's Matthew J. Belvedere. Follow him on Twitter @Matt_SquawkCNBC.

Introducing Morning Squawk: CNBC's before the bell news roundup

Sign up to receive Morning Squawk in your inbox each weekday › Sample

Contact Retail

  • CNBC NEWSLETTERS

    Get the best of CNBC in your inbox

    To learn more about how we use your information,
    please read our Privacy Policy.
    › Learn More