Target breach exposes lackluster credit card security

U.S. lags behind other nations in anti-fraud efforts

  • A customer signs a credit card statement next to a scanner in a Target store on December 19, 2013 in Miami, Florida. Target announced that about 40 million credit and debit card accounts of customers who made purchases by swiping their cards at terminals in its U.S. stores between November 27 and December 15 may have been stolen.
A customer signs a credit card statement next to a scanner in… (Joe Raedle / Getty Images )
December 28, 2013|By John Fritze, The Baltimore Sun

Retail giant Target has borne the brunt of bad publicity over a data breach that left millions of credit cards vulnerable to theft this month, but experts say part of the blame rests with the antiquated technology used by U.S. consumers.

The United States is one of the last countries to migrate to credit cards with a microprocessor that makes them harder to reproduce than the magnetic strip technology in use today. The so-called EMV cards have been adopted in 80 countries and are widely used in Europe.

By contrast, only about 1 percent of the U.S. market uses the technology.

"If we were further along, there would be less of an incentive for these types of fraud schemes," said Randy Vanderhoof, director of the EMV Migration Forum, a group that represents merchants, card issuers and payment processors.

The reasons why the U.S. has fallen so far behind other countries in adopting EMV are varied, experts say. For one thing, payment systems in this country have not been targeted as frequently by hackers — though that is beginning to change. Some analysts also suggest banks, credit companies and retailers have been hesitant to spend the money to switch out the cards and swipers.

Up to 40 million customers nationwide who used credit cards at Target between Nov. 27 and Dec. 15 are vulnerable, the Minneapolis-based company said. Federal agencies are investigating the breach, and it's not clear how many people were affected in Maryland.

Target did not respond to a request for comment.

While account information can still be stolen from the new cards, the chip technology makes it harder for thieves to reproduce the information onto knockoffs.

Most credit card companies have developed plans to update the technology by 2015. It's not yet clear whether state or federal lawmakers will make a sustained push for expediting that transition.

"The decision on if, how and when EMV will be implemented has been and will continue to be made independently by each issuer and merchant," MasterCard spokesman Seth Eisen said in a statement.

Baltimore Sun Articles
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.