Get in Touch
My Account
Allen Weinberg | Card Fraud | Card Payments | Chip Cards | Point of Sale (POS) | Security

Is the Target Breach the Chernobyl of Payments?

Vicki T

February 27, 2014
Share On Linkedin
Share On X
Share Via Email

Chernobyl is certainly at the top of the list of man-made disasters.  In light of recent events, I’ve been thinking that the Target breach has become the Chernobyl of the payments world.

As a group, we Americans never thought that much about payment security – we really didn’t have to.  We are protected by federal laws limiting our liability for lost/stolen cards, while at the same time, the card networks’ rules give us even better “zero liability” protection, and have educated us about that protection with hundreds of millions of dollars (if not billions) of TV ads over the years. 

Joe Shmoe Merchant from Whoknowswhere, Illinois wants your MasterCard account number for an ecommerce purchase?  No problem, you’re protected.  Give my card to a hot dog vendor on the street who swipes it though (or even keys it into) his smartphone?  No problem – mustard and relish please, and hurry up with my hot dog.  Put my Visa credit card on file with an airline that can’t even run its planes on schedule?  Sure, why not, it’s quite convenient.

Look at all the card issuers that have, over the years, tried to differentiate themselves based on security – Bank of America, Citi, and others have all tried it on and off, without much visible success in moving market share.

But after the Target breach, my sense is that things are changing.  I’m wondering if we, who unlike Europeans and others, can’t be bothered to use Verified by Visa and MasterCard SecureCode because “we’re protected anyway”, may be taking a different view of who we give our payment credentials to after “Payments Chernobyl” and what steps we’ll be willing to take to protect our accounts.

I say this because the Target breach is different than all the others – huge numbers of people affected coupled with unprecedented news coverage and congressional hearings.  We just didn’t’ see that with the TJ Maxx, Heartland, Global Payments, Hannaford Brothers, Michaels (twice), Marriott, and other breaches.

Collectively, these breaches have now affected virtually every cardholder in the U.S.  We are largely driven by convenience, and let me tell you, it sure isn’t convenient to have to log in or call all the places that store our card numbers for recurring payments. 

Sure, it’s no big deal getting a notice from my wireless carrier, cable company, and favorite eRetailer when the auth request fails, but what about all the other places we forget about?   My son was thrown off a San Francisco bus when my card of file was declined and his monthly contactless bus pass didn’t renew (and yes, to my fellow payment geeks, I haven’t forgotten about the networks’ account updater services, but we all know they are far from a panacea).

So I’ve been thinking a lot about whether U.S. consumers will alter their payments behavior after Payments Chernobyl, and if so, how.

Anecdotally, I’ve been hearing about people now preferring signature versus PIN debit, and of other people who are switching from signature debit to PINs.  I’ve spoken to people who are not worried too much about leaving a credit card on file (“hey, it’s the bank’s money anyway”) but are now quite reticent to put a debit card on file (“sure, I’ll get the money back, but my rent check will be bouncing in the meantime”).  And how about those people who have a Target or another merchant’s decoupled debit card – you know, the ones that have your checking account number on file so that they can route the purchase thought the ACH?  I suspect a number of those folks are watching their checking accounts pretty closely now.

So I’m reaching out to everyone, asking you to let me know what you’re thinking, seeing in your own data, and hearing.  Have you changed your payments behavior after Payments Chernobyl?  Changing your use of PIN vs. signature debit?  Using credit vs. debit more?  Rethinking whom you say its OK to keep your account number on file for faster checkout or recurring payments?  Will your “chip and PIN” or “chip and signature” card be top of your wallet when EMV comes to market? Or even, and I hate to say this, using cash more?

I’d love hear from you – please track me down at Allen@Glenbrook.com!

Recent Payment Views

Payments Orchestration: What Comes Next?

Payments Orchestration: What Comes Next?

Orchestration providers have certainly come a long way, and can enable powerful capabilities and benefits for the merchants that employ them. This post explores some of the possibilities Glenbrook has been thinking about for where Orchestration (and even orchestration) can go next.

read more
Payments Post #12: Lessons from Change

Payments Post #12: Lessons from Change

In this month’s Payments Post, we want to draw your attention to several recent fraud incidents that underscore the criticality of effective risk management to your business and the safety and soundness of the payments industry.

read more

Glenbrook Payments Boot CampTM workshop

Register for the next Glenbrook Payments Boot Camp®

An intensive and comprehensive overview of the payments industry.

Register now

Train your Team

Customized, private Payments Boot CampsTM workshops tailored to meet your team’s unique needs.

Learn More

OnDemand Modules

Recorded, one-hour videos covering a broad array of payments concepts.

Learn More

GlenbrookTM Company Press

Comprehensive books that detail the systems and innovations shaping the payments industry.

Learn More

Launch, improve & grow your payments business

Talk to the Payments Experts