Home Depot, the US retail chain that saw 56 million accounts hacked in 2014, is suing Visa and MasterCard over their failure to mandate more secure Chip and PIN technology at the checkout during the country's migration to EMV-based payments.
Using language that mirrors the words used by supermarket outlet Walmart is a similar suit lodged in May, Home Depot says that by insisting that chip card holders in the US can continue to pay with signatures at the checkout, the card schemes are playing in to the hands of fraudsters.
The suit points out that Chip and PIN technology is prevalent in most countries around the world.
“Such cards offer an extra layer of security beyond the chip itself, by requiring the user to enter a four-digit PIN, thereby ensuring that the individual using the card is the card’s owner,” Home Depot states. “Signatures can be copied or forged, and cashiers are not handwriting experts trained to identify forged signatures.”
At the heart of the issue is card schemes' continued control of the transaction during a signature checkout. PIN transactions, in contrast, can be routed through cheaper third party networks.
Visa and MasterCard EMV rules around consumer choice have led some merchants and point of sale (POS) terminal providers to implement POS processes that force consumers to select a debit AID (account identifier) for routing when presenting a chip-enabled debit card for payment at the POS, effectively overriding merchant routing preferences.
“For years, Visa and MasterCard have been more concerned with protecting their own inflated profits and their dominant market positions than with the security of payment cards used by American consumers and the health of the United States economy,” Home Depot states in its lawsuit.