Credit card data security is a growing concern in the industry as news of major data breaches become more commonplace. When major retailers get hacked, they have usually complied with cybersecurity guidelines set by the credit card industry, as Mastercard, Visa, and other credit card companies require retailers to pass an audit.
This audit by Payment Card Industry (PCI) does not necessarily offer much protection against fraud, however. Neiman Marcus had met these standards when it announced in January that customer credit cards were comprised from July through October. Target, which suffered a record-breaking hack of its data in November, had also been certified.
According to Ryan McInerney, president of Visa, Inc., “The recent high-profile breaches have served as a catalyst for much-needed collaboration between the retail and financial services industry on the issue of payment security.”
After several major breaches in card data, Visa and Mastercard have announced an initiative this month to increase payment security. One way this will be done is by expanding chip technology in the United States.
Chips generate a unique code for each transaction, which makes it much harder for the cards to be counterfeited. This technology is used widely around the world.
Visa and Mastercard had set an October 2015 deadline for U.S. merchants and banks to implement chip technology, but the new initiative will also focus on ways to improve security of mobile and online transactions.
The United States has lagged behind most other developed countries in adopting stronger security, including smart chips, point-of-sale data encryption, and secondary ID numbers to use for online transactions. While PCI standards have certainly stopped some breaches, recent headlines show this is not enough.
One such recent headline came this weekend as Mastercard announced it is investigating reports that the California Department of Motor Vehicles experienced a breach of credit card data.
Along with adopting smart chip technology, security experts point to several other strategies that can improve credit card data security. One such option is end-to-end encryption, through which encoding at a point-of-sale terminal protects data as soon as it enters the system. Dynamic authentication adds a button to the credit card to reset the magnetic strip data after each purchase, while tokenization generates temporary codes for credit cards to be used for online transactions.
Visa and Mastercard, long-time rivals, first began to team up in 2012, when they announced problems with third-party security companies. The two giants will now collaborate to form an electronic security group to increase security for credit and debit cards.