Home Depot: U.S. Credit Card Firms Slow to Upgrade Security
June 15 2016 - 10:55AM
Dow Jones News
Associated Press
ATLANTA -- Visa Inc. and MasterCard Inc. are using security
measures prone to fraud, putting retailers and customers at risk of
hacking attacks by cyberthieves, Home Depot Inc. says in a new
federal lawsuit.
It is the latest giant retailer to raise serious concerns about
security with its lawsuit filed this week in U.S. District Court in
Atlanta. Last month, Arkansas-based Wal-Mart Stores Inc. sued Visa
over similar issues.
Atlanta-based Home Depot said new payment cards with so-called
"chip" technology, rolled out in the U.S. in recent years, remain
less secure than cards used in Europe and elsewhere in the
world.
Even with chips, U.S. cards still rely on customers' handwritten
signatures for verification, rather than more secure Personal
Identification Numbers, or PINs, Home Depot maintains.
"We are aware of the complaint and will respond in due course,"
Visa said in a statement Wednesday.
MasterCard representatives didn't immediately return calls and
emails seeking comment.
A central issue in Home Depot's lawsuit is the retailer's
contention that Visa and MasterCard are conspiring to prevent
adoption of more secure technology to maintain market dominance and
profits.
"For years, Visa and MasterCard have been more concerned with
protecting their own inflated profits and their dominant market
positions than with the security of payment cards used by American
consumers and the health of the United States economy," Home Depot
states in its 138-page lawsuit.
About 80 nations use cards with chips, and most of them --
including England, France and Australia -- also require a PIN
rather than a signature, Home Depot said.
"Such cards offer an extra layer of security beyond the chip
itself, by requiring the user to enter a four-digit PIN, thereby
ensuring that the individual using the card is the card's owner,"
Home Depot states in its lawsuit. "Signatures can be copied or
forged, and cashiers are not handwriting experts trained to
identify forged signatures."
As a result, U.S. consumers and merchants such as the Home Depot
pay fraud-related costs that are "unrivaled in the rest of the
industrial world."
In September 2014, Home Depot told its customers that 56 million
debit and credit card numbers were compromised in a breach of its
computer systems, and later said hackers also stole 53 million
email addresses in addition to sensitive data from the cards.
Several other retailers, such as Target stores, have also reported
huge data breaches involving payment cards in recent years.
The lack of PIN requirements in the U.S. could lead to even
greater fraud in the future, as more transactions shift to online
payments, where no physical card is presented.
Last month, Wal-Mart said in a lawsuit that Visa won't allow it
to let its customers verify chip-enabled debit card transactions
with PINs rather than the less-secure signature method.
"PIN is the only truly secure form of cardholder verification in
the marketplace today, and it offers superior security to our
customers," a Wal-Mart spokesman told The Associated Press after
its lawsuit was filed last month in the New York State Supreme
Court.
--Copyright 2016 Associated Press
(END) Dow Jones Newswires
June 15, 2016 10:40 ET (14:40 GMT)
Copyright (c) 2016 Dow Jones & Company, Inc.
MasterCard (NYSE:MA)
Historical Stock Chart
From Aug 2024 to Sep 2024
MasterCard (NYSE:MA)
Historical Stock Chart
From Sep 2023 to Sep 2024