Thursday, October 23, 2014
YOLO COUNTY NEWS
99 CENTS

Joe Nocera: Dogged by data theft

JoeNoceraW

By
From page A6 | February 12, 2014 |

“What is stopping us from moving to this kind of technology?” asked a perplexed Sen. Amy Klobuchar, D-Minn. It was last Tuesday, and the Senate Judiciary Committee, on which Klobuchar sits, was holding a hearing about the recent breaches of Target and Neiman Marcus in which the data from tens of millions of credit and debit cards were stolen.

The technology Klobuchar had in mind is known as chip-and-PIN. The chip refers to a computer chip embedded in a credit or debit card that encrypts data and authenticates the card. The PIN refers to a personal identification number the customer has to use, which, in effect, authenticates the user.

It is no big secret that, from a security standpoint, a chip-and-PIN system is far superior to the magnetic stripe that is the backbone of the credit and debit card systems in the U.S. Criminal gangs in Eastern Europe have learned how to penetrate many computer systems of U.S. retailers and “skim” credit card data at the moment a transaction takes place. That kind of theft would be virtually impossible with a chip-and-PIN system.

Nor is it news that much of the rest of the world long ago adopted chip-and-PIN technology; according to MasterCard, 79 percent of terminals in Canada, Latin America and the Caribbean are “chip-enabled,” a figure that rises to 95 percent in parts of Europe. But, inexplicably, this clearly superior technology has not yet penetrated the United States.

Or maybe it’s not so inexplicable. The main stumbling block, it would appear, is that retailers and bankers have spent way too much time blaming each other for the growing data theft problem — and not nearly enough time worrying about the people whose data have been stolen. Namely, us.

“Why did the U.S. stick with the mag stripe?” said David Robertson, publisher of The Nilson Report. It may not have been best for consumers, but it was “cheap and efficient” for the banks and retailers. What’s more, banks and retailers had a certain amount of fraud built into their business models. Thus, while a hacked card brought big headaches to the customer, it was just another cost of doing business for the other entities involved in the transaction.

Even as Europe and Canada were moving to a chip-and-PIN system, the U.S. banks held back. Fraud at the point of sale dropped dramatically in countries with chip-and-PIN. Still the U.S. held back. Every time there was a push to adopt chip-and-PIN, both retailers and bankers would do the math and come to the same conclusion: It wasn’t worth the trouble.

And when a company did try to adopt it? That’s what Target tried to do around 2003 — only to discover that it was largely a waste of money if nobody else went along. In Europe and elsewhere governments had pushed companies to adopt chip-and-PIN. In the United States, the banks and retailers needed to be able to work together — spending billions both to manufacture new cards and install new terminals that could read the cards.

There are two things that are likely to change the equation. The first is the Target breach, which, one expert told me, could involve as many as one in every 10 cards in circulation in the U.S. Many of the cards are debit cards, which means if the card is used by a crook to make a purchase, it comes directly out of the customer’s bank account. (Target has vowed to indemnify any customer who has losses as a result of the breach.)

The Target breach has shown the reputational hit a company can take when its system is breached. It also has had business consequences: the last two weeks of the Christmas season were lousy ones for Target — and the publicity from the breach is considered a prime culprit.

Second, though, Visa and MasterCard have both set forth timetables that attempt to institute the adoption of embedded-chips technology by the fall of 2015. Although the timetables are not mandatory, they would essentially shift the liability for card losses on to whichever side — the bank or the retailer — has the least secure technology. Although there were various calls for delaying the implementation yet again, those calls stopped once the Target breach took place.

Which is not to say that the banks and the retailers are now seeing eye to eye. When I spoke to a bank lobbyist last week, he told me that the real problem was “a weakness in the internal computer system of large companies that sophisticated criminals have learned to exploit.” The retailers, meanwhile, retort that the banks have continually come up with ideas short of chip-and-PIN, none of which ever worked for long before the bad guys figured how to breach them.

The only thing missing from these arguments is the consumer.

— The New York Times

Comments

comments

.

News

Davis Innovation Center application gives city options

By Dave Ryan | From Page: A1 | Gallery

 
Pioneer students meet K-9 Officer Dexter

By Anne Ternus-Bellamy | From Page: A1 | Gallery

 
Versatile cycling contributor Casale Jr. heads to Hall of Fame

By Bruce Gallaudet | From Page: A1 | Gallery

 
 
Leading indicators up 0.8%

By The Associated Press | From Page: A2

Huge gold nugget going up for sale

By The Associated Press | From Page: A2

 
Police warn of IRS phone scam

By Enterprise staff | From Page: A2

Canada stunned by attacks

By The Associated Press | From Page: A2

 
High-flying fun at University Airport

By Enterprise staff | From Page: A3 | Gallery

Arboretum plant sale is Saturday

By Enterprise staff | From Page: A3

 
Parents’ Night Out on Friday at Pole Line Baptist

By Special to The Enterprise | From Page: A3

Military Families seek help to send Hugs from Home

By Enterprise staff | From Page: A3

 
Day of the Dead observance focuses on refugee children

By Enterprise staff | From Page: A3

Mercer Clinic benefits from pooch costume pics

By Enterprise staff | From Page: A3

 
DPNS has play group, preschool openings

By Enterprise staff | From Page: A3

UCD Vet Med hosts animal ‘adoptathon’

By Special to The Enterprise | From Page: A3

 
Day of the Dead folk art class set

By Enterprise staff | From Page: A4

Carlton invites community to its Haunted Harvest

By Enterprise staff | From Page: A4

 
Fly-casting champion will speak to fishing enthusiasts

By Special to The Enterprise | From Page: A4 | Gallery

Check out classic cars once again

By Enterprise staff | From Page: A4

 
Flea Market planned Sunday

By Enterprise staff | From Page: A4

A nose for mysteries: ‘Cadaver dog’ work more accepted by cops, courts

By The Associated Press | From Page: A4 | Gallery

 
‘Bak2Sac’ free train ride program launched

By Enterprise staff | From Page: A5

Cooperatives meet community needs

By Special to The Enterprise | From Page: A6

 
Co-op trivia

By Special to The Enterprise | From Page: A7

Author visits Woodland for community book project

By Enterprise staff | From Page: A9

 
.

Forum

We support Archer, Adams

By Letters to the Editor | From Page: B4

 
We need Sunder on board

By Letters to the Editor | From Page: B4

A leader our schools deserve

By Letters to the Editor | From Page: B4

 
Knowledgeable, experienced

By Letters to the Editor | From Page: B4

I support John Garamendi

By Letters to the Editor | From Page: B4

 
We have confidence in Madhavi

By Letters to the Editor | From Page: B4

Tom Meyer cartoon

By Debbie Davis | From Page: B4

 
Our view: Two more years for Garamendi

By Our View | From Page: B4

Two are especially qualified

By Letters to the Editor | From Page: B4

 
A force for good on board

By Letters to the Editor | From Page: B4

.

Sports

Davis tennis team takes title

By Enterprise staff | From Page: B1 | Gallery

 
Picture-perfect: DHS field hockey finishes 14-0

By Enterprise staff | From Page: B1 | Gallery

Blue Devils look for first home victory

By Thomas Oide | From Page: B1

 
Aggie men beat Cal Poly, 1-0; alone at the top

By Bruce Gallaudet | From Page: B1 | Gallery

Giants loss evens World Series at 1-1

By The Associated Press | From Page: B1 | Gallery

 
Devil soccer loss sets up important final week

By Enterprise staff | From Page: B2

 
JV/frosh roundup: DHS underclassmen shine in water polo events

By Enterprise staff | From Page: B3 | Gallery

Youth roundup: Hurricanes handle American River twice in one day

By Enterprise staff | From Page: B3 | Gallery

 
.

Features

Girl Scouts join effort to keep kids healthy

By Anne Ternus-Bellamy | From Page: A8 | Gallery

 
Hand sanitizer versus soap and water

By Anne Ternus-Bellamy | From Page: A8

What’s happening

By Anne Ternus-Bellamy | From Page: A8

 
Name Droppers: Foster parent heads to First 5

By Enterprise staff | From Page: A12

.

Arts

If it can go wrong it will go wrong

By Michael Lewis | From Page: A10

 
 
San Francisco Symphony visits with conductor/pianist Zacharias

By Jeff Hudson | From Page: A10 | Gallery

DMTC plans Halloween karaoke fundraiser

By Enterprise staff | From Page: A11

 
The Rhythm Future Quartet plays at Village Homes Community Center

By Enterprise staff | From Page: A11 | Gallery

 
All are welcome at Fun Time Follies

By Enterprise staff | From Page: A11

 
DHS Madrigals plan traditional English winter celebration

By Enterprise staff | From Page: A11

‘Under the Covers’ concert benefits KDRT

By Enterprise staff | From Page: A11

 
DHS Madrigals host singing workshop

By Enterprise staff | From Page: A11

Jam with folk musicians on Friday

By Enterprise staff | From Page: A11

 
.

Business

.

Obituaries

Dorothy Foytik

By Enterprise staff | From Page: A4

 
Mariana Brumbaugh Henwood

By Special to The Enterprise | From Page: A4

.

Comics

Comics: Thursday, October 23, 2014

By Creator | From Page: B10