Digital Transactions Authoritative, insightful and timely information for payments professionals
Americans love to shop. Whether online, in a small mom-and-pop business, or at a big-box retailer, shoppers turned out in droves this past holiday season. From Thanksgiving through Cyber Monday for example, online sales were up 12.6%–a record week–according to the IBM Digital Analytics Benchmark.
For the holiday season overall, the National Retail Federation predicted the average person celebrating Christmas, Kwanzaa, or Hanukkah would spend nearly 5% more than in 2013.
Holidays or not, shoppers are always searching stores and Web sites for that perfect deal—just as data thieves are trolling for any opportunity to steal consumers’ credit and debit card information.
Over the past year, headline-grabbing data breaches have enabled thieves to steal customer information across the country, leaving many consumers with questions about how safe their personal financial information is when they use cards to make purchases. Even if an organization is breached, payments systems are typically designed to protect consumers with fraud-prevention and -detection tools and with zero liability.
Consumers expect all companies in the payments industry to help protect their credit and debit card information, and the industry is committed to ensuring networks remain safe, reliable, and secure.
The payments companies that are members of the Electronic Transactions Association (ETA), the nonprofit trade association of the payments industry, enable $5 trillion in payments each year, making commerce fast and efficient for millions of retailers and consumers. As a result of the industry’s commitment to data security, card fraud is at historically low levels. But even one data breach is too many.
ETA members are working with e-commerce and brick-and-mortar merchants to establish a broad arsenal of tools—together, known as layered security—to protect against data criminals. Maintaining a layered-security approach throughout the payment-processing cycle is critical for providing consumers the privacy and safety they expect in today’s world.
Employing advanced technologies like credit and debit cards enabled with chips on the Europay-MasterCard-Visa standard (EMV cards) is one important step. Chip-enabled cards are already present in the U.S. market and more merchants are expected to upgrade to EMV-capable devices before the fraud-liability shift in October 2015. This will strengthen security and make it more difficult to produce counterfeit cards.
New technologies like tokenization and encryption help deter and prevent fraudulent activities on our payments systems. Mobile wallets using tokenization have been headline news recently, particularly with the launch of Apple Pay, which allows consumers to use their phones to pay for purchases at merchants accepting contactless payments and when making in-app purchases at participating online merchants.
The use of tokenization through near-field communication (NFC) adds another layer of security, helping strengthen transactions for both consumer and merchant.
Underscoring layered security is compliance with the Payment Card Industry data-security standards (PCI-DSS). This will be particularly important for online merchants once the EMV liability-shift kicks in, since data thieves are likely to focus on card-not-present vulnerabilities to continue their criminal activity.
In the end, there is no silver bullet to stop all data thieves. It is important for merchants to layer available security technologies to help protect their business and their customers’ data.
This month, I begin my one-year term as president of the ETA. The organization is celebrating its 25th anniversary in 2015 and is committed to positioning and securing our industry for the future. I take seriously the payments industry’s affirmative and continuing obligation to work with merchants to protect credit, debit, and other non-public financial-account information.
The payments industry is confident in the deployment of new technologies, engagement of vigilant merchant partners, and in our multilayered security approach. Together, maintaining consumer protection is our number-one priority.
Debra Rossi is president of the Electronic Transactions Association, Washington, D.C. and executive vice president of Wells Fargo & Co., San Francisco.
