Data breaches are common, mostly limited, and unpublicized. Money is stolen, secrets exposed, powerful men embarrassed, implicated, shamed. But these are usually not catastrophic. By contrast, when a merchant neglects to safeguard the private personal data entrusted to it by its customers, the loss of a carefully crafted reputation, the meltdown of painstakingly constructed trust, may drain the heart of the merchant’s business and even pose a survival challenge.
By way of example, Target Corp.’s profits dropped by 46% in the first quarter after the breach, and the overall financial impact has not been tallied yet, but it may top the billion-dollar mark. Merchants and banks bond together looking for an answer.
Well, first let’s leave the banks out of it. We all engage with one bank or two, checking our status every so often. By contrast, we each buy from scores of merchants a dozen times a day (to the tune of over 75 billions card transactions annually). As the public interaction with merchants far exceeds that with banks, so does merchant vulnerability exceed that of banks.
Banks do offer to take the financial hit from their defrauded customers. After all, the psychological pain of a stolen identity does not have an accounting entry. But they are not interested in a fundamental remedy because currently deployed security measures hold the fraud rate to less than one-half of a percent. It is cheaper to pay up than to spend a fortune on additional measures.
The more fundamental difference between merchants and banks in this regard is that banks have to hold on to their customers’ sensitive private data. Merchants don’t. Hence, merchants can solve this pressing problem by simply not holding on to the data the hackers are after.
This can be done through tokenization. Tokens are pointers to the critical data. In principle, tokenization relieves the merchant of the “hot data,” but the combined complexity and various vulnerabilities of tokenization and de-tokenization render this solution a stopgap type.
The fundamental solution is cash—e-cash, digital money. A new proposal calls for “invisible cash.” Customers will hand over their credit or debit cards and claim the merchandise, as they do now. Only the merchant will not log in the card data and will not pass it to the network. Instead, the merchant will direct that data to BitMint, or to any other issuer of non-speculative digital money.
The digital-money mint will sell the customer digital money in the amount of the purchase she made from the merchant, using her card data over the network. But that cash will be handed not to the customer but to the merchant, against which the merchant will release the merchandise. The merchant will be able to redeem that digital money at the mint about two days later, after the settlement has concluded and the mint got the money from the card issuer.
From the merchant’s point of view, it is as if the customer bought the goods with digital money—with cash. From the customer’s point of view, it is as if nothing changed—almost. Should the customer wish to return the merchandise, she will have to deal with the merchant’s return policy, like every cash customer, without involving the network in the dispute.
And since digital money can be tethered (like the old travelers’ checks), the merchant could tether the money to itself as the sole authorized redeemer. So, (i) it will be immunized against hackers the way travelers’-checks holders are, and (ii) it will be able to sell that cash to its customers at a discount, making them happy and assuring itself of their loyalty. They cannot use that tethered money with the competition. Over time the plethora of ground-breaking uses of this new form of money will further enable payment convenience and shopping efficiency.
Who will save merchants from the nightmare of a Target or Home Depot? The merchants themselves, realizing that it is their problem to solve, and further realizing that, with $6 trillion dollars in annual exchange, it is virtually impossible to defend payment card data. The only solution is not to keep that data, which they can do without.
When merchants come to see that the 50-year-old card-payment regimen with its authorization, clearing, and settlement procedures is approaching sunset and is being replaced by the conceptual simplicity of digital cash, they themselves will adopt, deploy, and enjoy the new security horizons.
Gideon Samid • Gideon@BitMint.com