The wake of the biggest data breach in U.S. history continues with its fallout, including the news from targeted Target that the hackers originally were able to pilfer their way into the discount chain’s system by “using electronic credentials stolen from a vendor,” according to an article in the Wall Street Journal.
That article points out the finding “underscores the risks companies face as they operate vast, interconnected business systems.”
But not all the fallout is necessarily bad. A couple of other articles observe that the breadth — and depth — of this particular “hack” may at last spur long awaited changes on the security front.
According to a Forbes piece, “American Credit Cards Improving Security With EMV, At Last.” It goes on to say that because of the vast breach, this “might be the first time most people ever heard of EMV,” which is probably true — only not for you, since you’re a regular reader of this blog, and we’ve been talking about their someday-on-these-shores-too arrival for a couple years now.
The article does quote Randy Vanderhoof of the Smart Card Alliance, who notes that “EMV would not have prevented the breach, but it would have made the company a less likely target for a data breach if the data stored in their system were less valuable to criminals.”
The piece also notes that “The United States is one of the last countries to migrate to EMV, according to the Smart Card Alliance. American Express, Discover, MasterCard and Visa have all announced their plans for moving to an EMV-based payments infrastructure in the U.S.”
As for what that means for U.S. merchants, the tech site Tom’s Guide has a great primer on EMVs, observing that “The chip-and-PIN system, also known as the EMV standard — for Europay, MasterCard and Visa, the originators of the standard — was first established in 1999 and has since almost completely replaced the magnetic-stripe standard in Europe.”
And not only Europe, but Asia, South America, Canada and Mexico!
The key take-away is this:” U.S. retailers have until Oct. 1, 2015, to install chip-and-PIN compatible card readers at stores. After that date, merchants will be held liable for any fraudulent charges resulting from misuse of magnetic-stripe cards.”
Meaning, you have a year-and-a-half to “prep” for EMV’s arrival yourself! Sounds like a great reason to call your AVPS rep today, to ask what you can do about security now — and any other aspect of improving your customer payment options –rather than wait two Halloween seasons hence. There’s time — it’s not even Valentine’s Day yet!
Though that’s coming in just two more blog posts!