The retail industry is committed to protecting consumer data from cybercriminals and hackers in the aftermath of attacks on retailers such as Target (NYSE: TGT), Neiman Marcus and Sally Beauty (NYSE: SBH).
That was the message from The National Retail Federation on Wednesday as representatives made a presentation to a congressional panel during a field hearing of the House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies.
The NRF outlined specific steps that retailers are researching and implementing to identify, prevent and combat cybercrimes. One such measure is the move to chip and PIN cards that include a computer microchip. PIN-based cards are equipped with both an embedded chip and a traditional magnetic stripe. With these cards, cardholders must enter their PIN or sign for each transaction to be approved. If the card is stolen, the embedded microchip makes the card extremely difficult to counterfeit or copy. The NRF reiterated its stance that as long as cards are issued with signatures and magnetic stripes, card users are susceptible to data theft.
"Chip and PIN technology dramatically reduces the value of any stolen 'breached' data for in-store purchases because the payment card data is essentially rendered worthless to criminals," said NRF VP for retail technologies, Tom Litchford. "The failure of U.S. card networks and banks to adopt such a system in the United States is one reason why cyberattacks on brick-and-mortar retailers have increased."
The NRF said it will establish an Information Sharing and Analysis Center (ISAC) for the retail industry in June. The program will provide retailers with actionable and timely threat intelligence to help identify and avoid cyber risks. The NRF is in the final planning stages of the program, which will include access to a secure portal through which members can share information about technology and security.
In the aftermath of recent retail security breaches, the NRF has increased efforts to help retailers be better protected in the future. In January, NRF's board of directors launched a proactive and sustained campaign to help address the issue, identify solutions and protect retail customers and the industry's employees.
-See this NRF press release
NRF issues industry-wide directive regarding data security, calls for chip and PIN
Shoppers blame retailers for data breaches, Congress blames Target
Sally's data breach possibly affected up to 280,000 customers
More Target trouble: Jobs slashed amid reports the breach could have been prevented
Target invests $5 million in security education, offers free credit monitoring to customers for 1 year