Information Security News
This week, Target's CEO appeared before the Senate Judiciary Committee to discuss the recent breaches that led to the loss of 40 million credit card numbers, as well as information pertaining to 70 million customers. Although malware placed on Target's system is what exposed the data, most of the committee's time was spent censuring traditional swipe-and-sign cards. Officials from Neiman Marcus (which also suffered a data breach), consumers bureaus, and Symantec also testified, calling for a movement away from the system we have in place now, to a chip-and-PIN system similar to Europe's.
The Wall Street Journal followed up with MasterCard’s Carolyn Balfany, who is leading the company's transition to the new, more secure payment system, called EMV. (The term “EMV” was trademarked in 1999 and stands for Europay, Mastercard, and Visa.) In 2012, MasterCard and Visa decided on a timeline, setting October 2015 as the deadline for the switch away from swipe-and-sign cards, which are notoriously easy to gather information from.
”Chip-and-PIN makes it much harder to copy a card when data is stolen,” a Symantec representative testified before the committee on Tuesday. “It also makes it harder to steal data in the first place due to encryption. It also makes physically stealing a credit card less useful, since you don’t have a PIN.”