The Expert's View with Dennis Koons

Breaches: Retailers Aren't Doing Enough

Banks Need Congressional Support for Stronger Data Security
Breaches: Retailers Aren't Doing Enough

First came the Target, Neiman Marcus and P.F. Chang's breaches, among others. And now, it's reported that more than 56 million payment cards were breached from the do-it-yourself giant, Home Depot.

See Also: The External Attack Surface Is Growing and Represents a Consistent Vulnerability

Identity theft is a harrowing experience for consumers. Some felon across town or around the world starts spending your money, using your accounts, your cards and your identity. Fortunately for consumers, their bank safeguards their accounts and protects them from loss.

The bank that issued their card covers fraud losses in nearly all cases. Regardless of where the breach occurred, regardless if retail store security systems failed or card users were not properly identified, the consumer's bank covers the cost not only for the fraud loss, but also for the costs to alert the customer, freeze a compromised account and re-issue cards.

For banks and their customers, Home Depot's security failures are painful episodes of déjà vu. We've been here too many times. Identities and accounts were stolen from retailers, but banks made customers whole.

This must change. Every player in the payment processing system must be responsible for safeguarding customer identities and accounts. Otherwise, consumers will not be secure. The retail industry that uses and benefits from the payments system must also share responsibility for safeguarding their customers and be responsible for their own failures.

Banks routinely insist on proof of identification and invest in the highest standards for data and identity security. Banks take very seriously the sensitivity of personal and financial data. The banking industry supports an enormous system of regulators and examiners that aggressively enforce privacy and account security laws. The industry invests hundreds of millions of dollars annually in the best security systems and rigorous employee training for fraud prevention and required immediate reporting.

When accounts are stolen from a retailer, the consumer is held harmless financially - rightfully so; he or she is the victim of very complex crime. Their bank stands with their customers.

Dennis Koons of the Michigan Bankers Association on why retailers must be held to a higher cybersecurity standard.

With so many orchestrated and continuing instances of massive data breaches, it's past time for Washington to act. Until all players in the payments system own responsibility for their handling of customer accounts, the consumer is at risk. Every party involved, including retailers at the point of sale, must step up to the challenge, meet industry standards for security systems, train their staffs to spot fraud and be accountable for failing their customers. Our payments system is only as strong as its weakest link.

Several laws currently under consideration in the U.S. Senate would help. One example is S. 1976, better known as the Data Security and Breach Notification Act of 2014, introduced by Sen. Jay Rockefeller, D-W.V. The bill authorizes the Federal Trade Commission to write new rules requiring retailers and other companies to protect consumers' personal data and notify individuals promptly in the event of a breach. Violators would face civil penalties.

Washington must do its part to make sure that our credit processing system is strong and secure. Our consumers deserve it.

Dennis Koons is president and CEO of the Michigan Bankers Association.

About the Author

Dennis Koons

Dennis Koons

President and CEO, Michigan Bankers Association

Koons has served as President and CEO of the Michigan Bankers Association since January 2002. The MBA represents the interests of and provides services to the banks of Michigan. Koons is a graduate of Michigan State University and the Thomas M. Cooley Law School. His career includes political campaign management, a staff position in the Michigan Senate, director of governmental affairs for the Michigan Association of Realtors, vice president for the Greater Detroit Chamber of Commerce and vice president, government relations for NBD Bank.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.