March 12, 2014

Berger pushes national data standards in HuffPost

March 13, 2014 – NAFCU President and CEO Dan Berger touted progress in the push for national data security standards in an editorial Wednesday on The Huffington Post and criticized retailers for their claim that chip-and-PIN technology would solve the hacking problem.

"The retailers' zealous insistence on this aspect of security does nothing to afford consumers greater protection; their goal, instead, is to shield themselves from any additional oversight or cost," Berger wrote. "In fact, many credit unions are already moving towards adopting EMV and chip-and-PIN technology, but if that switch were completed tomorrow, the merchants would not be equipped to handle it. Chip-and-panacea? That is pie-in-the-sky talk from retailers, which want the rest of us to ignore reality."

Berger cited a technology expert from Verizon who said "simple two-factor authentication" would be enough to prevent 86 percent of breaches – "security common sense" which he said retailers were not employing.

Berger emphasized the importance of imposing stricter standards on retailers for the sake of the credit union industry, which he said is facing close to $30 million in costs as a result of the massive Target Corporation data breach alone. He reiterated the need for Congress to address the issue of national standards, especially a requirement for retailers to pay the costs of breaches resulting from negligence on their part.

"Our economy and consumers are not safe if only financial institutions are accountable," he wrote. "The companies that store consumer data need to secure their house."