By Jill Jaracz


5 Min. To Read

* Editorial Disclaimer

This post may contain references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. The content or opinions contained within this post come from third party journalists or members of the Editorial Team and are not supplied by any of our partners.

In dealing with the aftermath of the breach on its computer systems, Target has announced that it plans to speed up its planned implementation of chip-enabled smart cards, also known as EMV cards.

Target's Chief Financial Officer John Mulligan announced the company's plans during a testimony before the Senate Committee on the Judiciary in Washington, D.C. The committee held a hearing in early February to better understand the recent data breaches at Target and Neiman Marcus and whether the government should act in order to help combat cybercrime.

"[Data breaches] compromise privacy and security of millions of Americans, potentially putting one in three of Americans at risk for identity theft and other cybercrimes," said Senator Patrick Leahy, Chairman of the committee.

Senator Leahy noted that these types of breaches can weaken consumer confidence in businesses' ability to keep their personal information safe, which in turn could actually weaken the economy. Leahy also noted that businesses in the United States pay more than other nations for cybercrime attacks, citing a Symantec study that found the per capita costs per compromised record were $277 in 2013.

Mulligan testified that Target was working hard to get back the confidence of its guests, which is the term the store uses for its customers. To that end, the company says that chip and PIN technology, which is found in EMV cards, would be more effective. "That would have rendered the account numbers that were taken far less useful."

Fran Rosch, senior vice president, Security Product and Services, Endpoint and Mobility at Symantec Corporation, a data security company, testified that while chip and PIN technology is definitely a step in the right direction, but it's "not a panacea." Rosch said this technology has three particular benefits. First, hackers have a more difficult time getting at data because the information stays encrypted longer. Next, cards are more difficult to duplicate, and finally, with two-factor authentication, a stolen card is useless without knowing the PIN attached to it.

Because this technology offers more security, Target is trying to get it into its stores sooner, but Mulligan said it takes more cooperation across the payments industry to make that successful. Mulligan said Target had tried to introduce a chip-based Visa card in 2003, but because other retailers didn't have the proper card readers, Target customers couldn't use the cards at other stores.

Now Target will try again. Mulligan announced that the company will implement chip-enabled smart-card technology by the first quarter of 2015, which is six months earlier than the store had originally planned. This will include making sure all of its REDcards have chips and all of its stores have card readers that can handle that technology. "Updating payment card technology and strengthening protections for American consumers is a shared responsibility and requires a collective and coordinated response. On behalf of Target, I am committing that we will be an active part of that solution," Mulligan said in his testimony.

Putting the technology into the approximately 1,800 Target stores will cost the company an estimated $100 million.

Money is part of the reason companies, card issuers and processors have put off the shift to EMV chip cards. "We think the answer comes down to money. It's expensive to update the technology at the point of sale. It's expensive to reissue cards," said Delara Derakhshani, policy counsel at Consumers Union, during the Senate Judiciary Committee hearing.

Companies will be spending that money over the next couple of years to comply with mandates set forth by the major credit card companies, who want to bring the United States in line with the rest of the world. As part of the migration to EMV, these companies mandated certain changes for payment processors to be in place last year. By October 1, 2015, companies and merchants that haven't implemented the technology could be liable for fraudulent transactions. By October 1, 2017 automated fuel dispensers need to be able to handle this technology.

Table of Contents