Home Depot suit accuses card schemes of putting profits ahead of security in EMV roll out

Home Depot, the US retail chain that saw 56 million accounts hacked in 2014, is suing Visa and MasterCard over their failure to mandate more secure Chip and PIN technology at the checkout during the country's migration to EMV-based payments.

Using language that mirrors the words used by supermarket outlet Walmart is a similar suit lodged in May, Home Depot says that by insisting that chip card holders in the US can continue to pay with signatures at the checkout, the card schemes are playing in to the hands of fraudsters.

The suit points out that Chip and PIN technology is prevalent in most countries around the world.

“Such cards offer an extra layer of security beyond the chip itself, by requiring the user to enter a four-digit PIN, thereby ensuring that the individual using the card is the card’s owner,” Home Depot states. “Signatures can be copied or forged, and cashiers are not handwriting experts trained to identify forged signatures.”

At the heart of the issue is card schemes' continued control of the transaction during a signature checkout. PIN transactions, in contrast, can be routed through cheaper third party networks.

Visa and MasterCard EMV rules around consumer choice have led some merchants and point of sale (POS) terminal providers to implement POS processes that force consumers to select a debit AID (account identifier) for routing when presenting a chip-enabled debit card for payment at the POS, effectively overriding merchant routing preferences.

“For years, Visa and MasterCard have been more concerned with protecting their own inflated profits and their dominant market positions than with the security of payment cards used by American consumers and the health of the United States economy,” Home Depot states in its lawsuit.

Related Companies

Mastercard Visa

Channels

Retail banking Security Payments

Keywords

Cards Eftpos

Comments: (6)

A Finextra member 17 June, 2016, 15:00

Be the first to give this comment the thumbs up

0 likes

As a Brit I have struggled with the whole decisioning process behind chip and Signature in the USA.. Mistakenly I belived that this was either some mass hysteria on the part of the whole US Card payments industry or just wilful intent based on a 'Not invented here' philosophy....

For years the USA operated NTSC2 TV standard (Never The Same Colour Twice) rather than the European PAL system.. It seemed that green skin on actors was a price worth paying to avoid copying Europe....

To see this philosophy persist today in card payments, when the decision to embrace Chip&Signature results in huge profits for the fraudster, organised crime & the card schemes, at the expense of consumer confidence and merchant/issuer margins, is simply breathtaking...

20 years ago, I watched Tesco's head of payments tear the head off an RBS staffer for suggesting that Tesco checkout staff validate a 1cm square photo of the cardholder on the back of the card as a fraud reduction measure...... that was 20 years ago.... the same retailer reaction is as valid today as it was then. looks like any damage to V/MC will happen in court... I will watch with interest..

Report abuse

A Finextra member 17 June, 2016, 16:24

0 likes

I too was gobsmacked to hear that the US was going with chip & signature rather than with chip and PIN. Why only address half the problem? Now I know why.....

Report abuse

A Finextra member 17 June, 2016, 16:34

0 likes

Agree cardholder activated terminals wont be able to check signatures- Maybe US retailers will start charging checkout workers salaries to to the card schemes???... The unexpected item in the bagging area will be a signature!

Report abuse

Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 17 June, 2016, 18:55

0 likes

Less than a year ago, there were many US retailers who were eschewing EMV altogether on the grounds that their fraud losses were too small to justify the cost of upgrading their POS infra to accept chip cards e.g. Panda Restaurant Group with 1800 restaurants (cf. http://www.bloomberg.com/news/articles/2015-10-01/credit-and-debit-cards-lag-on-emv-upgrades).

Good luck to them in their current endeavor to convince the courts that they were willing and ready to go all the way to implement Chip+PIN last year.

Looks like nothing much has changed in the attitude of US retailers in the five years since I wrote Do Retailers Want To Have Their Cake And Eat It Too?

Report abuse

A Finextra member 17 June, 2016, 19:09

1 like

We would all save money if we did away with our police, fire, ambulance and national health services - life would be much cheaper, taxes would be lower but our countries would be more dangerous places to live..

Europe and ROW seem to be able to afford the overhead of Chip and PIN - the sky has not collapsed, retailers are reaping the benefits of faster contactless check outs and lower staff costs with unmanned tills with customers performing tap or dip/chip and go.... Leadership is required in the USA - if not from the industry then a grown up who wishes to see organised crime given a more difficult job when it comes to ripping off the worlds card issuers, and American merchants

Report abuse

A Finextra member 20 June, 2016, 11:26

0 likes

To all "good intentions" of stakeholders, the card networks have served a good portion of their purposes for the past 60 years or so. Now, there is no need for them and the relation is being directly established between banks and merchants. Will that abort possible manipulations?

You see, cards were invented by merchants and then outsourced to networks; Banks were collecting huge revenues (much more than networks) from cards by doing almost nothing. So who's the bad guy here?