Regional sites:
Specialized sites:
User entering PIN to complete a
transaction
Many influential U.S. voices are now advocating we take that step.
Donald G. Campbell, vice chairman of TJX, told the Boston Globe last summer that the breach within his organization would not have been successful if the U.S. payment systems had implemented chip-based bank cards, because the stolen numbers would have been useless. He also said, "Criminals, I believe, are focusing on the countries that haven't added that higher level of security.”
Avivah Litan, a vice president and distinguished analyst at Gartner Research, recommended the following to card issuers after the Heartland breach in a public statement on their Web site: “Follow the example of other regions migrating to stronger cardholder authentication methods, which render stolen data useless in transactions that require these methods. Canada and much of Europe and South America, for example, have moved or are moving to cards that require a card-resident chip or user-entered PIN to complete a transaction.”
In March 2009, at the Visa Global Security Summit in Washington, Ellen Richey,
chief enterprise risk officer for Visa USA, said, “I am often asked why the
U.S. doesn’t adopt chip. The answer is that it’s not a matter of adopting or
not, but a matter of when and how. In the U.S., we’re beginning to see adoption
of chip technologies first through contactless payments. Let me be clear: from
Visa’s perspective, chip technologies - both contact and contactless - can add an
important security layer. They also offer additional benefits for cardholders
and retailers, like convenience and speed. So we can and do fully support chip
technology.” (http://www.corporate.visa.com/md/dl/documents/downloads/EllenRichey09SummitRemarks.pdf)
| << Back to Financial Crime Malware | Next: US Business Case >> |
