Ending
weeks of relative silence by the two major payment card
brands in the wake of payments breaches at Target Corp., Neiman Marcus and
others retailers, MasterCard and Visa have announced the formation of a
cross-industry group to work on improving U.S. payment security. The
collaborative effort aims to advance the migration to chip cards as well as
point-to-point encryption.
In
addition to the card brands, the coalition will include banks of all sizes,
credit unions, acquirers, retailers, point-of-sale device manufacturers
and industry trade groups, the card brands say in announcing the effort.
"The
recent high-profile breaches have served as a catalyst for much needed
collaboration between the retail and financial services industry on the issue
of payment security," says Ryan McInerney, president of Visa Inc. "As
we have long said, no one industry or technology can solve the issue of payment
system fraud on its own."
Top Priorities
The
initial focus of the group will be on the adoption of payments cards using chip
technology based on the EMV standard that's widely used in other nations. The
cards offer greater security than magnetic-stripe cards that are now commonly
used in the U.S.
Other
areas of focus for the new group will include:
Promoting
additional security solutions, including tokenization and point-to-point
encryption. "While EMV addresses the physical point of sale, the need to
protect mobile and online transactions is critical," the card brands say
in their announcement. "In tokenization, the traditional account number
will be replaced with a unique digital payment code, providing an additional
layer of security."
Developing
an actionable roadmap for security across all segments of the payments
industry.
"One
of the critical roles we play is to protect consumers and businesses against
criminals and fraudsters," says Chris McWilton, president of North
American markets for MasterCard. "Only through industry collaboration and
cooperation will we address the real and immediate issue of security and
maintain consumer confidence and trust. EMV will be the next step in these
efforts, alongside enhanced security solutions for online and mobile
channels."
The
formation of the group, the card brands say, is an acknowledgement of the need
for all parties involved in the payments process to work together and will
"ensure all voices can contribute to the strategic direction of payment
security."
MasterCard
and Visa also expect the new group to engage with other ongoing security efforts,
including proprietary risk councils, EMV task forces and standards management
bodies.
Assessing the
Efforts
News
of the card brands' focus on tokenization and point-to-point encryption is
encouraging, says Gartner analyst Avivah Litan. The efforts could make a
meaningful difference if standards are created for the technologies "so
that one vendor's solution [is] interoperable with another," she says.
"These
standards have been lacking in the market, and, as a result, especially with
point-to-point encryption, retailers and card acceptors are somewhat hesitant
to adopt the technology out
of valid fear of vendor lock-in and the pricing and competitive disadvantages
that go along with that," Litan says.
"Visa
and MasterCard have had plenty of time to work on these standards," she
says. "Let's see if they do something meaningful and actionable this
time."
No comments:
Post a Comment