Julia S. Cheney, Robert M. Hunt, Katy Jacob, Richard D. Porter and Bruce J. Summers, all of the Federal Reserve, have written The Efficiency and Integrity of Payment Card Systems: Industry Views on the Risks Posed by Data Breaches. Here is the abstract:
Consumer confidence in payment card systems has been built up over many decades. Cardholders expect to use their cards to execute payment instructions in a reliable and timely manner. Data breaches that degrade the perceived safety and reliability of payment cards may weaken consumer confidence in those systems and potentially cause cardholders to shift to other, and perhaps less efficient, forms of payment. A sizable shift away from payment cards — induced by the consequences of one or more data breaches is unlikely. Even so, the probability of such an outcome is uncertain. In other words, this could be an example of “tail risk” for payment card systems. The authors informally interviewed a number of market participants and several experts to better understand the risks presented by data breaches, the efforts to protect payment card systems against data breaches, and areas where more might be done to secure these systems. In particular, the authors investigated whether existing levels of investment,
coordination, information sharing, and management of incentives in securing payment card systems by firms and organizations in the private and public sectors are adequate to confront the threats arising from modern data breaches. The lessons learned from these conversations are described in this paper. These insights may also be helpful in considering the risks that data breaches may broadly pose to retail payments in the United States.
0 thoughts on “Federal Reserve Paper on Industry Reaction to Data Breaches”
Yes definitely, security IS a strong consideration.
Certainly, it should be for credit card companies since, if they are going to be ethical, they are responsible so they should bear the financial losses that may follow. Agreed, with the profit they make, it is still a drop in the ocean, but there is additional longer term damage to some cards and I am speaking from personal experience.
After a solid reflection, I have discarded most of my credit cards save two. These are what I use and I have no need for more. There are many advantages to this decision:
First, I have studied (and tested) the quality of the customer service and of the security level of my batch of cards. From that test, I identified the best one and kept it. Interestingly, it was also the one with the highest limit, (a lucky break).
The second card is tied up to my bank and it is a safety net in case of need.
Second, I consolidated my primary card security by adding some security features of my own. This was done in collaboration with and thanks to the excellent customer service of this card and their pro-active security level.
Nothing is foolproof of course, but I feel quite safe using it at this point.
Here are some advantages of my consolidation: By using always the same card, it now has a fairly strong format of my shopping habits and comfort zone. Anything out of that framework will often generate a call to me for verification. In return, if I am going way out of normalcy with a transaction, i.e. out of country, I will notify my card. I consider that a basic courtesy.
One last but not so small detail; by condensing my expenses to one trusted card, I have simplified my accounting and increased my bonus tremendously. I can now go home to visit virtually free and business class too!
As for the other rejected cards, if my practice catches on, it may force some of them to rethink the quality of their service.
I consider that a win-win situation.