Cybersecurity Insight

Will New Credit Cards Improve Data Security?

12 Nov

Data safety has been an issue for retail chains ever since the major data breaches experienced by the likes of Target and Home Depot. In response to consumer concerns about data safety Target is taking a new approach with its credit cards.

Currently, most major credit cards only require that you sign for your purchase. In most cases it wouldn’t matter if you signed your own name or John Doe’s, your transaction will be processed right then and there. This method of security is, well, not very secure. It leaves too many gaping holes and if your credit card is stolen it leaves little resistance against a thief making purchases.

Sure, a retailer can check a cardholder’s identification, but this rarely happens. So Target is taking a different approach. The retailer is the first major credit card issuer (Target Credit Card) that will provide cards that require a PIN number instead of a signature.

The idea behind the pin number is that customers who have lost their card or had their card stolen will be less likely to be damaged by a thief trying to use the card. In essence, it makes the card useless if you don’t have the associated PIN number. A spokesperson for Target stated that it’s, “…an additional layer of security to help protect against someone using their card if it’s lost or stolen”.

Target is one of the few issuers making this change as many other issuers have complained about the high cost of converting to PINs. This argument has baffled some because many of the card issuers are also banks who utilize the PIN system for their customer’s debit cards.

Another seemingly silly argument against such a move is that customers do not want another PIN or password to remember. If our credit card data is already at high risk, it stands to reason that consumers would want better protection for themselves, and the ones who do would “bite the bullet” and learn to remember their PIN number. Besides, remembering a four digit PIN is much easier than remembering a login password that is 10+ characters long.

Some may ask why a PIN is even necessary, as retailers will soon be required to accept cards with the EMV chip. The EMV chip cannot be duplicated, and if data is stolen, it can only be used to create a card with a magnetic strip – useless if the retailer only accepts cards with the EMV chip.

The fact is you can never be too safe. In our increasingly dangerous digital world every bit of security helps, even if it adds a little bit of annoyance to your daily life. Ultimately that small annoyance is forgotten; however, if your information were to be stolen and your financial life at risk you’d be hard pressed to find someone who wouldn’t choose to remember a four digit PIN over data theft.

Target is taking a leap that many other organizations have not, or simply won’t unless forced. The stragglers can cite increased costs, lost profits or jobs, and other erroneous arguments for not moving forward with a more secure system but it’s up to us as consumers and customers to show that we simply won’t accept anything less than the best. The safety of our personal information is paramount if we want to continue to do business the way we do, and it’s time that everyone, including our financial institutions, realized it.