December 30, 2013

Our View: Post-Target, don’t expect more-secure credit cards soon

No major industry player has an incentive to voluntarily adopt safer, up-to-date technology.

In 2005, it happened at TJX Cos. In 2008, it happened at Hannaford. Earlier this month, it happened at Target.

click image to enlarge

A customer signs his credit card receipt at a Target store in Tallahassee, Fla., in 2008. About 40 million credit and debit card account customers may have been affected by a data breach that occurred at the chain’s U.S. stores between Nov. 27 and Dec. 15.

2008 File Photo/The Associated Press

Customers’ credit and debit card numbers (and more, in Target’s case) were stolen by computer hackers, who use the information to make fake cards, resell the data on the black market or run up fraudulent charges. The Target data theft could wind up being one of the largest in history, affecting about 40 million people, likely including thousands who visited the retailer’s stores in Maine.

In the wake of massive breaches like these, security experts make a point of urging consumers to notify their banks, monitor their statements and watch for unauthorized transactions. They’re good suggestions, but they miss the bigger picture: Weak security makes it far easier to commit credit card fraud here in the U.S. than it should be.

Retailers, banks and credit card companies don’t want to foot the bill to make things safer. So though there’s talk of implementing voluntary preventive measures, don’t expect the situation to shift in the consumer’s favor any time soon.

Turn over your credit or debit card, and you’ll see a magnetic strip that stores account information, such as your name and account number and the card’s expiration date. This 1960s-1970s technology makes U.S. cards easy to copy. In most other countries, digital chips on the cards hold the account information. Since the chip is tough to replicate, criminals generally don’t bother doing so.

Why hasn’t the chip system been implemented in the U.S.? Probably because it calls for U.S. banks, retailers and credit card issuers to replace the 1 billion magnetic-stripe debit and credit cards now in circulation and put in place new processing systems. Only about 5 cents is lost to fraud for every $100 in credit and debit card transactions, so the chip shift isn’t seen as worth the cost.

By October 2015, the picture could brighten, say optimists: That’s the deadline set by major credit card companies for U.S. retailers to embrace smart cards. After that date, stores that process fraudulent sales from magnetic-stripe cards could get stuck with the losses.

But others say 2018 is a more realistic time frame in which to expect change, especially considering that it costs about four times as much to make a smart card as it does to make a magnetic-stripe one. And an expert is even more pessimistic: “Ten years from now, we’re still serving up magnetic-stripe cards,” David Robertson, publisher of a newsletter that follows the industry, recently predicted.

We’re relying on industry to make the chip switch voluntarily, but none of the major players has any real incentive to make credit cards safer. For the foreseeable future, then, expect the burden of protecting consumer safety to remain with the consumer.

Were you interviewed for this story? If so, please fill out our accuracy form

Send question/comment to the editors

Further Discussion

Here at we value our readers and are committed to growing our community by encouraging you to add to the discussion. To ensure conscientious dialogue we have implemented a strict no-bullying policy. To participate, you must follow our Terms of Use.

Questions about the article? Add them below and we’ll try to answer them or do a follow-up post as soon as we can. Technical problems? Email them to us with an exact description of the problem. Make sure to include:
  • Type of computer or mobile device your are using
  • Exact operating system and browser you are viewing the site on (TIP: You can easily determine your operating system here.)