This is what the National Retail Federation (NRF) is eager to tell everyone who would listen in the wake of the Target and Neiman Marcus data breaches, which were only the latest in a seemingly unending series of mass-scale theft of credit card information. And among the retailers’ intended audience happens to be the U.S. Congress to whom the NRF has now sent some funny-looking infographics, to go along with an even funnier myth / fact sheet and a short, and characteristically meaningless, statement.
We have been calling for chip-and-PIN for years, the NRF declares in response to charges that merchants have been every bit as careless in protecting their customers’ personal information as the card issuing banks they so love to revile. And we can’t have the retailers lumped together with these evil bankers, can we?
Well, as we’ve always looked at the issues of data security and switching to the chip-card technology in the U.S. primarily from the payments industry angle, I thought I could try and do so from the retailers’ perspective for a change. And who better to turn to for assistance in such a project than the world’s largest retail trade association? So let’s see what they have to tell us and the U.S. Congress.
Retailers vs. the Card-Chip Technology
“For years NRF has called for mandatory use of “PIN and Chip” cards, which require use of a secret number rather than a signature and store customer data on a computer micro-chip embedded in the card”, the NRF asserts in their statement. By the way, chip-and-PIN is the brand name for the EMV smart card technology used in the United Kingdom and Ireland. Anyway, if the NRF has indeed been calling for a switch to the new technology in the U.S., they must have been doing so in private, for I haven’t heard any of their calls. And I am someone who pays close attention to those things.
Furthermore, one would have expected the retailers to be the most vociferous group of credit card transaction participants asking for a switch to the safer technology, because they had been arguably the biggest losers from the associated fraud. As we’ve noted multiple times before, U.S. merchants absorb more than 40 percent of the fraud losses on credit and debit card payments. And, whereas a shift to a whole new technology would be a truly huge deal for the payments industry (costing billions of dollars in the process), all merchants would be required to do is to upgrade their point-of-sale (POS) systems, which they do every few years anyway. So, they could have pushed for a gradual EMV adoption, so that the compliant equipment is only purchased when it is time to get a new terminal anyway.
Moreover, as far as e-commerce and MO / TO merchants are concerned, a shift from the mag-stripe to the EMV technology would change precisely nothing and no investment is needed there. So, once again, why weren’t the retailers more active in their calls for adopting EMV?
Who Is the Biggest Villain?
Once again, the retailers, as represented by the NRF, are more interested in vilifying the credit card industry than they are in solving the issue at hand. Prominently featured in the aforementioned myth / fact exercise, right after the opening myth busting “fact” that “[m]aintaining the trust and respect of customers is retailers’ highest priority”, is the “fact” that “retailers account for 24 percent of incidents, while 37 percent happen at financial institutions”. Oh, and “that’s true even though there are many more retailers than financial institutions”. This one is backed up by the first of the two funny infographics:
But then it gets funnier. Yes, retailers are as eager as anyone to adopt the new technology, but they “don’t want to pay for the costs of PIN and Chip”. Why? Well, here it is:
Retailers are willing to pay a fair share of the cost of conversion. But they want a system that will actually reduce fraud and protect everyone — consumers, retailers and banks alike. They don’t want to spend billions of dollars on a chip and signature system like that proposed by the banks that only addresses part of the problem when better systems are available. And since credit cards are a product that belongs to the banks, banks should share in the cost of equipment and software needed to accommodate their product.
That alone tells you all you need to know about the self-proclaimed eagerness of the merchants to adopt the EMV technology. And such muddled statements would be easy to dismiss as just another PR exercise, if they didn’t have real-world policy implications. The NRF and other retailer groups used similarly confused arguments quite successfully in their fight to lower debit interchange fees, which were supposed to lead to lower prices for consumers. Well, even as the promised savings at the checkout never materialized, all big banks, which lost billions of dollars in interchange fees, started to feverishly explore other avenues for making up the lost revenue. One direct result is that no big bank currently offers a truly free checking account.
But I have no intention of revisiting the Durbin Amendment debacle today. Rather, I’d show you the second funny graph:
Here is a question for you: is this the best thing a big supporter of the new technology can do to promote it? And, by the way, note the statement at the end of the graph: “The safest cards deploy both PIN and Chip technology”. If you don’t get that, you are not alone.
So there it is. The NRF is madly in love with the safer new EMV card technology and has been for many years. Naturally, then, the NRF has also been:
[P]ushing cards that encrypt data on an embedded micro-chip and protect consumers by using a secret Personal Identification Number (PIN) rather than relying on the illegible scrawl most people pass off as a signature. You wouldn’t want to rely on a signature to get cash out of an ATM, so why rely on a signature when you use a credit or debit card?
Oh, the only thing is that the NRF wants someone else to pay for these wonderful things, which would benefit its members and their customers.
Image credit: Europol.