Hacked Target hastens migration to chip cards
05 February 2014 | 6236 views | 0
Target has promised to accelerate its $100 million programme to roll out smart card technology in stores to help guard against further fraud.
In testimony before the Senate Committee on the Judiciary, the retailer's CFO, John Mulligan, said that all proprietary REDcards and all store card readers will be equipped with chip-enabled technology by the first quarter of 2015, six months earlier than initially planned.
Mulligan was appearing before the Committee following a massive data breach at Target late last year which saw thieves use a vendor's credentials to infect POS devices with malware and steal the details of around 40 million customer cards and the personal information of 70 million people.
Mulligan appeared at the hearing alongside Michael Kingston, CIO at Neiman Marcus Group, another retailer hit by hackers who said that the malware which hit his firm's systems had a "zero per cent detection rate" by antivirus software.
The hearing largely focused on plans for the US to ditch mag-stripe technology in favour of more secure EMV chip cards.
In 2012 Visa, MasterCard, Discover and American Express finally sought to bring the US in line with Europe, setting out a roadmap for the switch. Under this roadmap, liability for fraud-related loses will switch to retailers that have not upgraded their hardware in October 2015.
However, in light of the recent high-profile breaches, Senators called on other retailers to follow Target's lead and roll out EMV chip technology in their stores as quickly as possible.
Operating under the tightest of margins in a fiercely competitive sector, retailers typically spend just four percent of their technology budgets on security, compared with 5.5% for banks and 5.6% for healthcare companies, according to technology research firm Gartner.
IDC Retail Insights expects spending by US retailers in 2014 specifically for security in the United States to reach $720.3 million, an increase of 5.7% from last year in part because of the recent breaches.