With the recent high profile data breaches at Target, Neiman Marcus & Michaels, the retailers & banks have started to turn on each other. This argument is not surprising now that the federal government is investigating and CEOs are being hauled in front of Congress. Improvements to the information security infrastructure is going to require significant financial investment and both sides seem to be positioning to defend against that.
“The finger-pointing is from two industries with considerable lobbying might. Their trade groups have been bombarding lawmakers with letters arguing why the other industry must do more — and spend more — to protect consumers.
“Nearly every retailer security data breach in recent memory has revealed some violation of industry security agreements,” the Independent Community Bankers argued last month. “In some cases, retailers haven’t even had technology in place to alert them to the breach intrusion, and third parties like banks have had to notify the retailers that their information has been compromised.”
The National Retail Federation has fired back.
Retailers must accept “fraud-prone cards” issued by banks that are attractive to thieves, the federation’s general counsel testified at a Senate subcommittee hearing on Monday. “Unlike the rest of the world, the U.S. cards still use a signature and magnetic stripe for authentication.”
The only thing them seem to agree on is the need for a federal standard, replacing the mess of state laws, for data breach notification. You can read the full story here: “Industries dodge breach blame”