Card issuers urged to ditch signatures

3 March 2014

Credit card issuers in the US are being advised to move away from signature-based security and instead embrace chip and PIN and EMV in order to protect customers and streamline payment processes.

The National Retail Federation (NRF) is calling on all American banks to follow the example set by JPMorgan Chase, which is moving solely to chip and PIN credit cards to bring it more in line with the rest of the western world.

Europe's successful introduction of EMV chip cards is an example of how the technology can help to save time and minimise theft, while such a move would also bring things in line with the law, as retailers will soon be liable for fraud-related losses stemming from a failure to upgraded their hardware.

Though this legislation will not come into force until October next year, the NRF says the high-profile attack on retail giant Target last year highlights that a move to chip and PIN needs to happen sooner, rather than later.

The Minneapolis-based chain suffered a sustained breach in late 2013 that led to the theft of around 40 million credit and debit card records, while 70 million other records with information such as addresses and phone numbers of shoppers were compromised.

The victims were mainly customers who made purchases by swiping their cards at terminals in Target stores between November 27th and December 15th, and the fallout resulted in the company reporting a 46 per cent drop in net profit in Q4, with $61 million in costs related to the breach.

The fact that America's third biggest retailer was the victim of such a sustained and systematic attack prompted JPMorgan Chase CEO Jamie Dimon to change his company's approach to issuing cards.

He commented: "All of us have a common interest in being protected, so this might be a chance for retailers and banks to for once work together, as opposed to sue each other like we've been doing the last decade."

The NRF is now urging all companies operating in the sector to follow suit, with the federation's president and CEO Matthew Shay saying the use of PIN is "absolutely essential" to provide merchants and customers with the "full extent" of protection available from chip-based cards.

Chip-and-signature cards no longer offer the level of protection needed to stop criminal hackers from "making money" off payment card data, and so anything less than migration to chip and PIN would be risky, he concluded.

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development