Identity Theft, Target Stores, and You
Ho, Ho, Ho! Your identity has just been stolen.
(Signed) Santa Hacker
That’s what possibly happened to as much as 40 million dedicated Target shoppers in the first three short weeks of the pre-Christmas season. It was during this amped-up shopping frenzy (November 27-December 15) – a tight squash since Thanksgiving was late this year.
An overseas cyber-raider swooped in. His target? Your PIN numbers . . . and the PIN numbers of all potential Target customers. This raider – Russian by all online accounts (he smirked about his online, cyber-intro to “Hackers Are Us”) – easily cyber-heisted personal credit and debit card data. Several victims had personal bank accounts virtually stripped, pillaged by this marauder. This we know from the news.
Now Target is the “target.” Victims are filing lawsuits and industry critics are speaking out. They are putting the blame squarely on the shoulders of the retail giant – a collective retail-and-credit “malpractice” blame game. Target has been accused of putting consumers at risk. Some have gone so far as to say Target knowingly put these customers at risk because profit and investors outweighed security.
A lot of finger pointing happening.
But it may not be as cut-and-dry Hollywood as this – a predatory retail giant vs millions of defenseless consumers at risk. Of course Target is motivated by profit – that’s the name of the game in American business – but Target may also be a victim.
Some experts are already pointing to much-less-visible offenders: the credit card industry . . . and the U.S. economy itself.
Card issuers might not have been able to prevent the complete data breach at Target. But they could have discouraged thieves from using stolen information (i.e., PIN numbers) to make counterfeit credit cards . . . by simply being more proactive.
A more-secure anti-fraud technology is already available – and has been for some time.
The truth is: U.S. merchants and banks lag far behind Europe, Canada, and elsewhere. They have stubbornly resisted adopting an already-established, proven system – a system which uses credit and debit cards with all vital data stored on embedded computer chips. This “smart card” technology makes it harder for thieves to steal and misuse that data.
Instead U.S. merchants and banks rely on an older credit card technology. Instead of computer chips the U.S. uses a vulnerable magnetic strip. This strip’s data can be easily copied and reproduced by thieves. (On the other hand, a “smart card” encrypts transaction information, requires thieves to know the cardholder’s PIN, and generates one-time-only passwords when demanded.)
So why don’t we have these smart cards and this new technology? Maybe the delay does go back to money and to how the U.S. economy is built. (“Cheaper . . . faster” seems to be the phrase. And: Make that happen now . . . with a credit card sweep.)
The problem is the overall cost of smart card technology – of “re-engineering” the retail and banking industry as a whole, of producing millions of news cards and chips, and of designing, making and installing a minimum of 10 million + payment terminals needed to process them.
But this U.S. economic delay may prove costly. For years U.S. companies have tolerated credit card fraud as a cost of doing business. Now high-profile breaches, such as the one at Target, are raising demands for increased card security. Just ask Target’s 40 million U.S. customers.
What’s the solution? Inevitably U.S. banks and retailers will have to accept (even if grudgingly) smart card technology. Otherwise, potentially, they may be forced to hire banks of criminal attorneys just to stay afloat. And the cost of this? It will be, as all operating costs are, put on to your credit card.
But they still could run within existing economic practice by simply adopting some online purchasing programs which follow a more-secure 2-step protocol. This would save money and upgrade security . . . at their end and at yours.
It’s easy. Instead of a retailer just asking for your PIN . . . have them add a second, personal question (your mother’s maiden name, your favorite movie, where you went to high school, e.g.). Online services do it as regular procedure. (BTW: This really screws with hackers.)
The U.S. will be slow to changing its ways regarding credit card technology. (Another committee, another study – that’s predictable.) But it may be quick to agree to using (or multitasking) existing technology. While not foolproof, simple Q&A already exists . . . and that’s a “no-brainer.” And believe it or not, this “technology” (your brain technology) can add measures of security for you.
In the end . . . it’s your money, your credit rating. How safe do you feel? How secure are you?
The Blanch Law Firm cannot guarantee your safety when you use your credit card. A plastic world is magic . . . and it offers a lot of ups and downs. Your credit card’s use? Purchase now, pay later . . . and feel the “holiday after” bill pain.
Fine. OK. Ultimately, it is your responsibility. But . . .
But, as criminal defense attorneys, The Blanch Law Firm can affirm its purpose . . . to defend those who have been targeted by or for credit card abuse, or by or for credit card fraud.
We are experienced in this.