ST. PAUL, Minn. -- An act which would introduce industry card security standards into state law has passed the Minnesota House of Representatives, according to the Minnesota Credit Union Network, the industry trade association which backs the bill.
"This is one of the most important pieces of consumer legislation moving through the legislature this session, and I am pleased that members of the House agree," said MnCUN CEO Mark Cummins. "Minnesota consumers deserve to have their card data handled in a secure, responsible manner."
The 104-27 vote came on the heels of an article in the Wall Street Journal which identified a Marshall's store in St. Paul, Minn. as the point where hackers managed to breach the TJX Corporation's database. TJX is the parent company for Marshall's and a number of other retail chains. The breach has compromised millions of cards and led to millions of card accounts having to be closed and reissued.
The Plastic Card Security Act aims to combat the growing problem of credit card account compromises and protect consumers from the risk of fraud. The bill would put into state law the payment card industry data security standards that merchants are already required by contract to follow, prohibiting the storage of magnetic stripe data from credit or debit cards, MnCUN said.
Currently when a data breach occurs, regardless of why it happens, financial institutions are responsible for notifying their cardholders, reissuing cards, and covering fraud losses. Consumers and financial institutions are left exposed to fraud losses not because of any action on their part, but simply because the merchant or its processor improperly retained data they should not have.
During debate on the bill, Chief House Author Rep. Jim Davnie said that it will cost financial institutions an approximated $300 million to replace compromised cards from the TJX breach, and that a reported $8 million in fraud has already been committed in Florida as a result.
"Those expenses don't stay with TJX or with the financial institution. They come down on us--on consumers--when retailers aren't abiding by the terms of their contract and aren't adequately protecting our data," Davnie said. --firstname.lastname@example.org