Target, Neiman Marcus, PF Chang’s — and now, in the most recent episode of data breach, it’s reported more than 50 million customers’ cards, accounts and personal information were breached from the do-it-yourself giant Home Depot.
Identity theft is a harrowing experience for consumers. Some felon across town or around the world starts spending your money, using your accounts, your cards and your identity. Fortunately for consumers, their bank safeguards their accounts and protects them from loss.
The bank that issued their card covers fraud losses in nearly all cases. Regardless where the breach occurred, regardless if retail store security systems failed, or card users were not properly identified, the consumer’s bank covers the cost not only for the fraud loss but also for the costs to alert the customer, freeze a compromised account and re-issue cards.
For banks and their customers, Home Depot’s security failures are painful episodes of déjà vu. We’ve been here too many times. Identities and accounts were stolen from retailers, but banks made customers whole.
This must change. Every player in the payment-processing system must be responsible to safeguard customer identities and accounts. Consumers will not otherwise be secure. The retail industry that uses and benefits from the payments system must also share responsibility for safeguarding their customers and be responsible for their own failures.
Banks routinely insist on proof of identification and invest in the highest standards for data and identity security. Banks take very seriously the sensitivity of personal and financial data.
Uniquely, the banking industry supports an enormous system of regulators and examiners that aggressively enforce privacy and account security laws. The industry invests hundreds of millions of dollars annually in the best security systems and rigorous employee training for fraud prevention and required immediate reporting.
When accounts are stolen from a retailer, the consumer is held harmless financially — rightfully so: He or she is the victim of very complex crime. Their bank stands with its customers.
With so many orchestrated and continuing instances of massive data breaches, it’s past time for Washington to act. Until all players in the payments system own responsibility for their handling of customer accounts, the consumer is at risk. Every party involved, including retailers at point of sale, must step up to the challenge, meet industry standards for security systems, train their staffs to spot fraud, and must be accountable for failing their customers. Our payments system is only as strong as its weakest link.
Washington must also do its part to make sure that our credit processing system is strong and secure. Our consumers deserve it.
Dennis Koons is president and CEO of Michigan Bankers Association.