Skip to main content

Too Big For Their Breaches

by Jim Blaine,

Despite the massive legal and legislativewranglings,over the last few years,between retailers and credit card issuers, one major source ofargumentand friction remains unresolved. That issue, that source of ill-will and dispute is the question of responsibility,accountability,and liability for losses associated with credit card "breaches".

A "breach" arises when individual consumer credit card data isstolen from the computer systems of a merchant or card processor. Generally the breach occurs due to the dishonesty or lack oftrainingof a retail employee, or from a flaw or lapse in the security and controls protecting the retailer's card processing systems. The mischief and financial losses which result from the misuse of stolen credit card data can be extremely costly to the retailer, card issuer and the consumer.

Retail card breaches are not an infrequent occurrence as most credit union card issuers know. Most frustratingly, retailers and merchants have a well-established reputation for failure to acknowledge their card processing lapses. Deny, stall, and delay are favorite tactics. In the meantime, the consumer feels threatened, uncertain, and betrayed, while the credit union bears the costs of notification, card replacement, and trying tohelp manage the outrage and frustration of the members who have been victimized.

Randall Smith