Obama Moves Without Congress on Data Security
President Obama has launched an initiative through an executive order called “Buy Secure” to help motivate companies to implement safer payment methods.
“Starting next year, we’re going to begin making sure that credit cards and credit-card readers issued by the United States government come equipped with two new layers of protection: a microchip in the card that’s harder for thieves to clone than a magnetic strip, and a pin number you enter into the reader just as you do with an ATM,” Obama said in a speech at the CFPB Friday.
“We know this technology works. When Britain switched to a chip-and-pin system, they cut fraud in stores by 70%,” he noted.
Obama said no individual security measure could stop fraud on its own but federal agencies are taking steps to address the problem.
“So today, I’m also directing federal law enforcement to share more information with the private sector when they discover identity theft rings,” he said.
The CFPB is working with banks to help make it easier for consumers to discover if fraudulent charges have been made to their account, Obama said.
The Federal Trade Commission will also add new features to IdentityTheft.gov, and will work with credit bureaus to dramatically cut down on the time it takes for victims to recover their stolen identities, he added.
Obama highlighted The Home Depot, Target, Walgreens and Wal-Mart as retailers that have agreed to adopt chip-and-pin technology by the beginning of next year.
He also said American Express pledged $10 million to replace outdated card readers at small businesses and MasterCard has said it would provide customers with free identity-theft monitoring and resolution support.
“Citi is joining other financial institutions in making free FICO scores available to customers, because a sudden drop in your credit rating is one of the clearest signs that you’ve been hit by fraud,” Obama said.
Obama challenged Congress to pass national standards for data security.
“Even though I’m taking action today without Congress, Congress needs to do its part, as well. Today, data breaches are handled by dozens of separate state laws, and it’s time to have one clear national standard that brings certainty to businesses and keeps consumers safe,” he said.
Eric Richard, CUNA SVP and general counsel, said CUNA commended Obama for calling on Congress to stop the data breaches with cybersecurity legislation to protect American consumers.
“Credit unions have repeatedly called for legislation to clarify companies’ obligations when sensitive data is breached for the safety and security of their members,” he said.
John McKecknie, partner at consulting firm Total Spectrum in Washington, said any attention to the issue is welcome, but it's disappointing merchants are staying off the hook as those responsible to the consumer.
“More transparency and better notification by the retailers would be a start, but that’s not addressed today. Instead, by turning this issue into the narrow one of card security, rather than the broader one of data security, the White House has missed an opportunity,” McKechnie said.
NAFCU President/CEO Dan Berger, who attended the president’s speech at the CFPB’s headquarters, said national data security standards are key to protecting consumers’ personal and financial data.
“NAFCU thanks the president for his leadership in addressing the growing cyber threats to consumers’ data, and we will assist wherever we can to help credit unions and their members prepare,” Berger said.
“We will also continue our efforts to win passage of legislation to hold retailers and merchants to national data security standards such as those required now of credit unions and other financial institutions,” he added.
A CFPB spokesperson said the event was only open to White House pool press due to security reasons.