Retailers put profits ahead of security

When Target experienced its major data breach during the holiday 2013 season, it suffered extensive financial and reputational damage.  Having firsthand experience like this tends to put things in perspective, which makes it unsurprising that, out of 48 major retailers surveyed by Consumer World, Target is one of the only 11 who have ubiquitously enabled EMV card functionality.  Yes, on October 1, the long-awaited deadline passed for companies to adopt chip card technology, or risk being held liable for any fraud traced back to their stores, such as through a breach.  The risk, of course, is an organization’s own to assume, but Target, and those other nine, clearly do not want to endure such a debacle—and in Target’s case, repeat it.

Others have taken a more cavalier attitude so far.  In fact, most of the 48, according to Edgar Dworsky—founder of Consumer World who had the idea for the survey—do have checkout terminals capable of reading the chips in the new cards…they just don’t work, or haven’t been activated yet.

Kind of defeats the purpose of EMV cards making consumer-retailer transactions more secure, if the installed terminals aren’t even functioning.

Delays and holdouts like this make sense in a way, from a financial/efficiency standpoint.  According to Mallory Duncan, senior vice president and general counsel at the National Retail Federation, part of the fault lies with Visa, MasterCard, and the other card processing networks, for not providing retailers the technical specifications and certifications needed to activate the new systems in a timely fashion.  For these businesses, not receiving these has hampered the implementation of the chip processors.  And when holiday shopping time comes around, that only compounds the issue.  “Most sane individuals are not going to be ripping out terminals, installing new ones and testing them out at the busiest time of the year,” says Duncan.

Looked at from the consumer perspective, however, what this means is that a number of retailers are putting profit ahead of improved security.  After all, my own experience with chip cards since October has demonstrated that the process is indeed slower than the old way of swiping the magnetic stripe.  Inserting the chip cards into the new readers can take up to 10 seconds to complete, and can quickly lead to growing lines.  Onset by the mad rush of the shopping season, it’s small wonder many of these businesses are ignoring their new card readers, and opting for the old, more expedient method, trying to maximize sales and keep their customers happy and moving quickly.

How happy will they be if one of these retailers becomes the next Target?

By: Jonathan Weicher