Target To Fast-Track Smartcard Tech After Data Breaches

Target\'s CFO said the company is investing $100 million to upgrade credit card systems by early 2015.
Posted at 7:03 PM, Feb 04, 2014

Top executives from Target and Neiman Marcus appeared before a Senate committee Tuesday to answer questions about the massive data breaches that compromised the information of tens of millions of consumers and how they can prevent them in the future. 

Target CFO John Mulligan apologized for the breach that affected an estimated 70 million customers but also said the company plans to fast-track new anti-fraud technology. (Via MSNBC)

That technology, which is widely used in Europe, is called EMV. The New York Times writes EMV "basically amounts to a small chip embedded in each card (rather than a magnetic stripe) that creates a new code for each transaction. This makes it nearly impossible to counterfeit cards, which often happens with stolen data." 

"He said that if this had been in place, this breach may very well had been prevented." (Via Bloomberg)

In an op-ed published Monday on The Hill, Mulligan said Target is speeding up its $100 million investment into EMV technology and plans to roll it out in early 2015, six months ahead of the original plan.

The U.S. has been slower to adopt the technology than other countries. While it's not widespread in the U.S., a chart on EMV's website shows an adoption rate of anywhere from 73 to 94 percent across Europe. 

CNN's Zain Asher points out at least one big reason why the technology isn't widely used in the U.S. is because it would require changes from both credit card companies and retailers. 

"You think about how much it would cost American banks to really replace every single card in the United States with one of these chip and PIN credit cards. It would obviously cost a lot of money. And then retailers would have to update their point-of-sale systems."

Another revelation from Tuesday's hearing is how long the breach actually lasted. According to The Wall Street Journal, Mulligan said the company found out malware remained on 25 machines three days after Dec. 15, the day the company announced the malware was removed. 

The New York Times reports other credit card companies said they will require all American retailers to install EMV technology by October of 2015 or they'll be liable for costs resulting from data breaches.