Data breaches exposing the credit card information of millions of Americans have become regular news. Many of these thefts could have been prevented by switching from cards based on easily subverted magnetic strip technology to newer smart-card technology that is widely used throughout the world. But this would require investments that nobody seems willing to make. Lenders would need to issue new cards, merchants would need new point-of-sale terminals, banks would need new ATMs.
To date the industry conclusion seems to have been that it’s cheaper to deal with these occasional minor annoyances than to take serious preventive measures. Of course, this calculation doesn’t include the immense cost in time and aggravation to consumers who’ve had their card information stolen, but they don’t have an effective voice in the conversation.
The obvious way to force the issue is to significantly increase the cost of data breaches. Imposing substantial fines on the party responsible for the point in the system where a theft occurred might go a long way toward persuading all the players to modernize the system. Banks, merchants, and card processors would then be falling all over each other to adopt the proven technology that’s part of the everyday lives of hundreds of millions of people outside the United States.