CREDIT-CARD BREACH

Switch from card-swiping to chip-and-PIN overdue

 
 
MCT
MCT
Nease / MCT

The Boston Globe

Police in Texas recently arrested two drivers carrying 96 fake credit cards, which authorities initially suspected were manufactured using numbers stolen in the massive Target credit-card breach. On the same day, South Korean authorities announced “the theft of personal information from more than 100 million South Korean credit cards and accounts.” As data heists become ever-more aggressive, it is increasingly necessary to switch from America’s hoary card-swiping to the chip-and-PIN cards that have made Europe safer.

The age when consumers paid with cash and checks seems as quaint and distant as the age when horses trotted down Commonwealth Avenue and gas lights flickered in the dusk. Seventy-eight percent of Americans have debit cards, and 70 percent have credit cards. Much of the credit- and debit-card revolution is real progress. Our transactions are quicker. Retailers who want to sell to customers without bundles of currency don’t need to operate their own mini-lending agencies.

But credit cards also carry costs; some Americans over-borrow and spend years paying off debt at high rates. While most consumers know how to prevent excessive debt — don’t spend the money — credit-card fraud is a far more shadowy danger.

And in no small part because of the now-primitive magnetic-strip technology that the cards generally use, credit-card fraud has become one of the common hazards of life. A few years ago, I spent hours arguing that I was not responsible for a $15,000 used car purchase in some remote English town. More than 5 percent of consumers either lose their cards or have them stolen annually, and each lost or stolen card is associated with about $600 in fraudulent use.

We can reduce the losses from credit card fraud by switching to so-called smart cards with chips that require PINs. There is a long-established global standard called EMV — for Europay, MasterCard and Visa — for smart cards, which are harder to reproduce en masse than magnetic-strip ones; the PINs they use are more secure than signatures, which are easy to imitate and often go unchecked anyway. Britain implemented chip-and-PIN in 2004, and since then fraud from lost or stolen cards has declined by 61 percent. The fraud rate in face-to-face transactions in France has also fallen dramatically. In contrast, there’s a market in South Korea for stolen credit-card information because chip-and-PIN systems haven’t caught on in that country.

There are ironies in the fact that America remains an island of card swiping in a world that has largely embraced PINs. Target was an early pioneer of smart-card technology in the United States, but the company dropped the experiment because it was slowing down checkout lines.

Adopting smart cards isn’t free. One estimate is that the cost of replacing cards and payment terminals will exceed $5 billion. I am not looking forward to typing in PIN numbers for the rest of my life. Moreover, thieves will surely figure out new ways to steal, by targeting online transactions and stealing PIN numbers.

Chip-and-PIN is not a panacea, just the inevitable next step in an ever-escalating arms race with the hackers. Reports now suggest that the code that compromised Target was written by a Russian teenager. If data theft on this scale is that easy, then we need to at least move to the global standard for smart cards — and be prepared to adopt future security improvements.

In Britain, the push toward smart cards came from an association of financial institutions; later, the government backed the group’s recommendations. Occasionally, a central institution in other countries, such as the European Central Bank, will give the process a push. And if the Consumer Financial Protection Bureau of the Federal Reserve Bank chose to nudge the United States toward chip-and-PIN by verbally exhorting the industry to move swiftly, it certainly can’t hurt.

But especially in light of the potential for interference from — or backlash within — a fractious Congress, I’d rather see a private solution. The credit card companies and retailers that carry most of the losses from fraud should have strong enough incentives to adopt the safer technology. Moreover, the Target data breach, which has affected as many as 110 million customers, likely ensures that Americans will be more open to typing in a few numbers at the point of sale.

Edward L. Glaeser, a Harvard economist, is director of the Rappaport Institute for Greater Boston.

© 2013 The Boston Globe

Read more Other Views stories from the Miami Herald

  • In My Opinion

    When journalism is too good to be true

    When a Gallup poll this summer showed that 80 percent of Americans have little faith in the news media, there was a good deal of consternation in U.S. newsrooms. Some of it came from me. We’re used to getting called liars by the hucksters and connivers and knaves we write about. But it’s pretty frustrating to hear that readers don’t trust us, either.

  •  
MONTANER

    WORLD AFFAIRS

    Past looms large in Islamist outlook

    The radical Islamists want to kill Pope Francis, according to the Italian daily Il Tempo. I’m not surprised. The permanent enemy of these anachronistic characters is Christianity, not the Jews.

  • VOTING & RACE

    Finding justice on racial issues through the ballot

    The eyes of America remain focused on Ferguson, Missouri, gripped by the aftermath of Michael Brown’s death. The anguish of Ferguson — from the murder of an unarmed young person of color, to the lack of accountability fueled by a sheer disregard for black lives — is all too familiar for Florida.

Miami Herald

Join the
Discussion

The Miami Herald is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere on the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

The Miami Herald uses Facebook's commenting system. You need to log in with a Facebook account in order to comment. If you have questions about commenting with your Facebook account, click here.

Have a news tip? You can send it anonymously. Click here to send us your tip - or - consider joining the Public Insight Network and become a source for The Miami Herald and el Nuevo Herald.

Hide Comments

This affects comments on all stories.

Cancel OK

  • Marketplace

Today's Circulars

  • Quick Job Search

Enter Keyword(s) Enter City Select a State Select a Category