Too Big For Their Breaches

by Jim Blaine,

Despite the massive legal and legislative wranglings, over the last few years, between retailers and credit card issuers, one major source of argument and friction remains unresolved. That issue, that source of ill-will and dispute is the question of responsibility, accountability,  and liability for losses associated with credit card “breaches”.

A “breach” arises when individual consumer credit card data is stolen from the computer systems of a merchant or card processor. Generally the breach occurs due to the dishonesty or lack of training of a retail employee, or from a flaw or lapse in the security and controls protecting the retailer’s card processing systems.  The mischief and financial losses which result from the misuse of stolen credit card data can be extremely costly to the retailer, card issuer and the consumer.

Retail card breaches are not an infrequent occurrence as most credit union card issuers know. Most frustratingly, retailers and merchants have a well-established reputation for failure to acknowledge their card processing lapses.  Deny, stall, and delay are favorite tactics.  In the meantime, the consumer feels threatened, uncertain, and betrayed, while the credit union bears the costs of notification, card replacement, and trying to help manage the outrage and frustration of the members who have been victimized.

continue reading »