News Feature | March 7, 2014

NRF Pushes Congress To Examine Data Breaches In "Holistic Fashion"

ARW Edit Headshot 2

By Anna Rose Welch, Editorial & Community Director, Advancing RNA

Survey Shows Lack Of SMB Preparedness For EMV Credit Card Transition

NRF continues to urge banks to use chip and PIN cards to promote security

In an effort to promote a more secure retail environment in the future, the National Retail Federation has submitted a statement for a hearing on data security being held by the House Financial Services Committee’s Subcommittee on Financial Institutions and Consumer Credit. This statement urges congress to investigate the most recent data breaches in a “holistic fashion.”

Duncan Mallory, NRF senior VP says, “It’s important to look at why such breaches occur and what the perpetrators get out of them so that we can find ways to reduce and prevent not only the breaches themselves, but the fraudulent activity that is often the goal of these events. If breaches become less profitable to criminals then they will dedicate fewer resources to committing them and our goals will become more achievable.”

One of the methods the NRF has proposed is the adoption of chip and PIN cards. Banks are already planning to release chip-based cards next year. However, the NRF President Matthew Shay still argues that a chip-based card with no PIN is essentially “locking the front door but leaving the back door open.” Last week, Retail’s BIG Blog featured an infographic on the security benefits of cards that deploy both chip and PIN technology. This technology makes it almost impossible to duplicate a card. Even if duplication should occur, the consumer’s personal PIN stands in the way of the thief using the fake card.

In addition to the need for chip and PIN cards, there is also a growing need for more competition among the payment networks as the retail industry sets its sights on mobile commerce. Duncan says that these chip cards should “use open standards and allow for competition among payment networks as we move into a world of growing mobile commerce. Finally, we need companies throughout the payment system to work together on achieving end-to-end encryption so that there are no weak links in the system.…”

In its letter, the NRF also came out in support of the numerous legislative proposals to enhance consumer protection. These proposals call for more information sharing among the industries in order to remain aware of emerging cyber threats. These proposals also call for increased resources for law enforcement to investigate and prosecute cybercriminals and a federal breach notification law modeled after state law.

Of course, the NRF is aware that the elimination of all fraud is “likely to remain an aspiration.” However, Duncan says that every party in the country’s payment system plays an important role in maintaining consumers’ privacy. In pushing for chip and PIN cards and urging further investigations, Duncan says the NRF is doing its part to help eliminate fraud and protect the U.S. consumer.