Three representatives of small businesses said at a U.S. House hearing Wednesday that new chip-embedded credit cards need to have added PIN security instead of the chip and signature favored by most banks and card companies.
The hearing took place nearly three weeks after an Oct. 1 deadline for retailers to update their payment terminals to accept chip cards or face liability for card fraud.
"I am game to go the route to [chip card support] but would really like to feel what I'm doing is really going to help," said Keith Lipert, owner of the Keith Lipert Gallery in Washington. "A fraudulent card is still going to pass through the system" with the chip-and-signature transaction.
Lipert appeared before the House Small Business Committee on behalf of the National Retail Federation. The NRF is the biggest retail organization in the world and represents all the major retail store chains. Lipert owns a small art and jewelry gallery that he runs with a co-worker.
Lipert said that a new chip card will protect card data between a merchant and a bank, but it won't protect against a lost or stolen chip card that's used in a store, nor will it help in preventing fraud in online and phone transactions.
Jared Scheeler, managing director of Hub Convenience Stores in Dickinson, North Dakota, said banks should willingly support PIN security with chip cards since they often own ATM machines that require a PIN to withdraw cash. "If [banks] require [PINs on ATMs] there must be something to that, and we, as retailers, should have that option also." He appeared on behalf of the National Association of Convenience Stores.
Visa and MasterCard, along with nearly all the major U.S. banks, back the use of signatures with chip cards, instead of PINs (personal identification numbers). Bankers and card companies appeared before the same committee two weeks ago to present their case.
In advance of the latest hearing, the Electronic Payments Coalition issued a statement that supported chip and signature. "Large national retail associations are using this hearing to push for a 'security' solution — PIN — that wouldn't have done anything to stop the breaches at Target, Home Depot or Michaels," said Sam Fabens, a spokesman for the coalition, which represents banks and card companies.
A PIN "would not have a meaningful impact on overall payments fraud, and retailers are simply using it to distract from the fact that they don't have to abide by any security standards, which leaves consumers' personal and financial information vulnerable," Fabens added.
Sign up for Computerworld eNewsletters.