Skip to main content

tv   Key Capitol Hill Hearings  CSPAN  May 5, 2016 5:33am-7:00am EDT

5:33 am
still not certified. that's a huge problem when you look at the liability that went into effect. there wasn't an adequate roadmap to get them certified by that october 1 date. that creates a strain on u.s. commerce and consumers. scott's members have been very helpful to my members. they've been doing everything they can to help get our merchants tested and certified. it's not just their role. hardware providers, software providers, there are a ton of people involved and that's been a real challenge there. it's a process. it's one we are making progress on. there are challenges there. i want to talk about how we brought this to the united states.
5:34 am
there is an organization governed by visa and mastercard. they control the technology that is the backend for these smart chips. one of our lessons learned early on is they manage the process well. it's an indicator that we have huge concerns about them being involved in transitioning the u.s. to digital and mobile commerce in the future. that's one of the biggest lessons and takeaways for merchants who have had to rely on the companies for this major transition. some members of congress of started to look into this and how it's organized in governed. we need to ask why we don't have a more robust four pin here in the united states. there are branches of the federal reserve studying security who point to the development of standards which
5:35 am
they directly and explicitly reference. it may result in lesser security as well as competitive disadvantages for other companies. we have seen that happen here in the u.s.. what does this mean? we do believe that merchants will get there eventually. the certification will happen. it's not happening in a timely fashion for a lot of people. i have merchants who have 800 locations in the u.s. who have not been able to get certified. were talking about a sub set that's been able to fully deploy. we are going to disagree about small merchants. this is great for a food truck or small business. when you look at a simple independent operator grocery
5:36 am
store, you can't have an out-of-the-box solution. you're still going to integrate your point-of-sale. this is not really realistic, even for a small independent perator. we talked a lot about what the liability shift means. i think it's important to know that merchants are covering a lot of the losses. that's something that could have been helped by putting pins on all of these roducts. we see a huge shift in sales to e-commerce transactions and mobile commerce. that's a good thing for the economy. a lot of those losses being born in that channel are by the merchant community. we have this counterfeit liability shift which ranks were covering most of the fraud before. now we see a lot of that transition to the merchant,
5:37 am
which is creating strain on smaller businesses. even some of my large businesses with 800 stores are trying to see $1 million in chargebacks every week. i think it is important to note that merchants are bullish because the charge process itself is a byproduct of signature card environment. the network rules are managed by be sarah and mastercard -- by visa and mastercard. it shows that charges are not accepted on pin transactions. when we look at it deeper, it is improved security. they noted last summer that when you look at the method equally pin-based products, they had the lowest fraud. that is a huge indicator that it is working internationally.
5:38 am
there are several folks who agree, in addition to national banks and companies, the fbi and the new york department of consumer protection and they noted the added benefits of the security. another good example for the pin initiative in australia is where the customers and companies came together a couple of years ago to educate participants in the economy about the mandated pin on transactions at most merchants. the one exception being that quick service restaurants and other low risk, low dollar and small ticket type of merchants, where they basically said under $35, maybe you do not have to ask for a pin, but it makes sense from a policy perspective because all the banks issuing pins on them, if for some reason it is midnight at the drive-through and they want to ask for a pin, they can because it is on the product.
5:39 am
in the u.s., if i have a customer and i say i do not like to lock my smartphone with a pin, i will not use my credit card because i got in trouble the last time i did that -- at least hide it a little bit. if i say, i don't think i will lock my pin, apple will come in and say, i will not enable for any customers who want to put a pin on this fund protected and that would be the same as what banks are doing by not putting pins on their products. i think it is a backstop for us oward innovation in the u.s. i went to close with one other quick piece that we have not talked about and i'm sure most of you may not have it on your radar unless you pay emb debit. i noted challenges we have with certifications, and we will get there, but there are challenges. scott is right. if a merchant wants to program
5:40 am
their point-of-sale and process emb a certain way, they can do that. in order to be pin preferring, they now have to go through this added step, which they did not have to do before when you could wrap transactions in a striped -- and a magnetic stripe environment. there is a new screen prompt and i will put these outs of folks can take a look, but ssentially, it says here we are seeing this popped up as a certification process that merchants who rollout emb at the point of sales. it has caught a lot of folks off guard and it was slowing down time at the checkout only cannot figure out why. people realize the screens were there and it is disingenuous in the sense that this and
5:41 am
companies who said they did not want to put pins and products in the united states are adding a layer of complication to emb, which is already complicated process for consumers. in this sense, where customers select debit, that will route a signature transaction, leaving small businesses more open to liability on chargebacks and the less secure transaction. we have sent major concerns with this. we think it is disingenuous at this point of sales when we are not doing the simplest things we can to protect consumers. thank you very much. >> now, we're going to move to steve. if you will issue your thoughts. >> thank you. thanks to the energy and commerce staff for securing this room. it is much appreciated. i am the president of the american consumer institute at 501 suite 3.
5:42 am
look at a lot of issues from technology to insurance regulation, and it is good to be here today and talk about some financial and credit card issues, including the problem with fraud. starting up at a very high level, as we look at this, it is a bigger problem than all of this, but let me scroll down. we know that there are multipronged threats that affect americans, american businesses and consumers dealing from hackers and fraudsters that affects this is, government and consumer -- that affects business, government and consumer information. whether it is from nations, select government information, personal data on consumers and taxpayers, corporate espionage, the hackers received out of you in this and similar to this, what we are seeing is the value
5:43 am
of financial information and that brings us down to it we are looking not -- what we are looking at, which is intermediaries and consumers are targeted week as of the big value of the transactional information and what it has, including credit card bank information. financial fraud is a major problem. on the whole chain of everything i addressed, it is another example where we are not doing enough and we need to do more about -- as liz stated about the credit card fraud issue -- it needs to be fully addressed. 30 million american consumers were affected in 2014 by credit card fraud. if we look at the u.s. worldwide card volume, about 24%, more than twice as that is a share of credit card fraud in the u.s.
5:44 am
the fact is the u.s. is this a portion in the affected when you look at other countries were over 10 years, 12 years in major western where they have ad a pin option, so what i see is sort of one of the simple steps to get it toward addressing this issue, and it is going to be continuous issue because hackers are this sort of stagnant group. they are very dynamic and they will figure out the next trick. if the trick is online or whatever, the thing we need to understand is that shape and pin -- chip and pin is a reasonable solution, can reduce the profits out there that people seem credit card fraud, simple, low-cost solution and an immediate solution in terms of implementing the chip and pin. the federal reserve data, which is mentioned couple of times,
5:45 am
there is one statistic that shows that the credit card transaction could be made 700% more secure, up to 700% more secure if a pin number had been included. we heard earlier that there is 2.5 million chip and pain in use in the federal government, so they have taken the step, and it is a step that i have not seen the private industry move toward. why don't we have chip and pin? why is it not in the u.s.? one of the simple answers is that consumers are not smart enough to remember a payment number, but -- remember a pin number, but when i turn on my cell phone, ipc, a lockbox, my garage door opener, i go to banks, thanks love paint numbers. if you -- love pin numbers. the first thing they do is push the keypad toward you to put in
5:46 am
pin number. bottom line is atms require pins because banks are liable. debit card, by the way -- a debit card requires pins because banks are liable, but credit cards, they do not require pins. it is because, simply, the banks have shifted the liability, as mentioned, to merchants. had the liability stayed on the issue in banks, we would be using pins today. what it gets down to his banks are not liable, so shouldn't they be indifferent about all of this? why would they care? we are hearing arguments against pins. why?
5:47 am
because there is money in it. they earn more on the chip and signature transaction fee then they do on the chip and pin transaction fee, so on the one side, they should the liability to somewhere else. if it is fraud, they are protected than the other side because older technology benefits from the transaction. the bottom line is the chip is better because of stopping counterfeiting, but the other side with what the pin does, if i drop of this, they could easily forge or scribble something. what the pin does is eliminate that, even online. a simple solution online is if you opt into it to get a text back and they send you an option and it gives you a pin number and you put that number online and it eliminates fraud in that manner.
5:48 am
look, it is not the panacea. we know things are going to change down the road. there are mobile actions that may become dominant in five years or seven years. right now, we have a simple, low-cost and immediate solution for credit card fraud, and that is my position and i am sticking with it. >> thanks. i think you made a good point about pins and the fact that we use a pin so often and every day. i just cannot imagine going to an atm and putting in our card and not entering the pin. that would be a total lack of ecurity for all of us. i went to state clearly before i go into a couple of questions for our panelists to see if any of you want to respond to anything that has been said so ar from the panelists?
5:49 am
>> she is clearly looking at me, so i will take this. n the pin, a couple of things. from my standpoint, eta is agnostic with respect to pin. we believe in chip and choice. we want them to be able to cite themselves, whether that be in, ignature or nothing. y cab ride appear this morning did not ask for anything. it just took my card. reboot merchants should have that choice. a merchant, consumer or bank has the ability now to require a pin in their system. the networks can handle it, the banks can issue it and you will find 20 that have the pin. there are merchants that are moving toward a pin. the federal government asked for a pin. pin is great for getting cash back at the store.
5:50 am
it is not so great that the toll booth or drive-through, so each merchant has a different profile and they have to decide if they want to require pin or not. if you sell high ticket items, you might want a pin, but it is up to the merchant and the technology largely exists for them to do that. pin also has challenges with implementations which is two thirds of merchants do not have the pin pad. if you would like them to do that, you have to purchase a pin pad. pin has strengths and weaknesses. there has been a lot of discussion about other technology out there. one of the challenges for pin is that it becomes a target for thieves. if a thief gets your pin, they can drain your bank account. we have seen atm fraud up in
5:51 am
the last year in england and europe, where they use pin a lot, we have seen it increase and they can target your pin. pins are usually four digits, so there are only so many combinations, i guess you could say 10,000 if you want to make 0000 into a pin. it is not hard to crack. what might make more sense, instead of a pin, a static number that never changes, our dynamic ones. other things available now, biometrics, thumbprints, that is a form of a pin. that is more secure than a static number. we are using selfies, voice recognition, i don't think we have ruled out retinal scans yet, but all of these technologies are getting better and better. when you talk about online transactions, there is another
5:52 am
technology being deployed. it is a way to secure your ransactions online as a way to help reduce online fraud, so there are pros and cons to pins. you need to weigh all the costs and factors for each merchant. we are chip choice, it should be up to the merchant to decide what to use. thank you. >> thank you. i see you are jumping in. >> i agree that it would be great for the merchant to ecide. chip and choice, as it has been coined in the u.s., is not that. to have a choice whether or not we have a pin has to be there. it is not there right now. we are deep talked about the added -- we already talked about the added security. whatever the device or medium
5:53 am
may be with some type of pin, i think that is what scott and i can agree that pins may not be the say all and end all, but it is the best thing we have got there at market today. i think biometrics has its own challenges. a pin is more dynamic because you can change it. if somebody lifts right thumb print, which is a common thing to do, you can steal those easily, i am not going to cut my thumb off to protect my financial data, so there is real questions on how effective hey are. i am not saying that they may not be the future rate they might in fact, but there is a lot to be determined there. going back to the chip and choice, i worked at the national restaurant association prior to that. talk about one of the most challenging environments. the last thing you want is somebody holding out this pin
5:54 am
machine reaching out of your car window. maybe it does not work there, but let's go back to my example at midnight at the drive-through. if somebody is ordering $200 worth of gift cards at $100 worth of hamburgers, i may be suspicious about the transaction. for me to have that choice, the pin has to be on the project, which is not the roadmap we have chosen the u.s. i think it is important for e-commerce transactions, too. we had the last g-20 nation to go to emb. because we have done this so late, we had all the more opportunities to improve the experience with better technology. one of those being the ability to ask for pins in an e-commerce environment. i had a couple merchants role that outlasts year, and they are not seeing the benefit because some of the card networks and issuers have not agreed to support that technology for online e-commerce transactions, so i think we need to get better at that and moved to support those enhanced technologies when they
5:55 am
are there. i want to make one more comment -- can i use your swipe things? this is unique. we talk about food trucks top of examples, but even that independent grocery store operator, all of that hardware in the u.s. has pins on them but it is a matter of programming software. you will be hard-pressed to find anything outside of these examples that will not accept a pin going forward. >> steve? steve: i don't have much to say on this other than in terms of losing your pin number, it i lose my card, it is not inscribed on it. if i lose my card and my signature is on it, you have made. here is that these and it is much easier to look at my signature and force it then to find the card and somehow know my pin number. second point, it is easy to have a situation where may be
5:56 am
three false pins leads to a lockout and notification to the customer, so that is a simple way to make that 10,000 unique numbers somewhat hard to guess. the last thing, i am not sure how comfortable i would be, and may be time of tell, but to hare my biometrics up on a server somewhere where somebody can crack and get my information. i am not sure i'm comfortable doing that right now and may be biometrics is for the future, but i think the chip and pin is something to deal with now rather than trying to think ahead. i would much rather not have my biometric information sitting on the server when i do not have control over it. >> thank you. this has been a good discussion. i think we have great points
5:57 am
out here. scott, you brought up some of the future that we can look toward for verification and i think it is interesting to take a look at what some of those opportunities might be, and i think it is looking at what is available now, which is pins, and looking at what is available in the future, which may be excited for consumers for verification of protection. liz, i wanted to turn to you for a moment. you did bring up some of the challenges that have been faced with this certification process. i wanted to ask you if there have been any other challenges in the road, ones that have followed -- months that have followed october 1. if you wanted to highlight anything else? liz: in addition to what we said, we had inadequate timelines in the u.s. i understand that there is a
5:58 am
real need to protect fraud, and we all talked about with the global numbers looked like and what the u.s. numbers look like compared to the global numbers, and it is quite a challenge on large businesses, midsize to small businesses, not talking about the food truck example, but some of the larger merchants in the u.s., and it has created a financial strain because there was not a roadmap to get it ready by that october 1 dates. we would love to further investigate what the impact has been on those businesses and certain losses have been filed in parts of the country already. it comes back to my key point. it has really shown that the emb companies have not been able to manage the transition in a manner that is adequate for all the payment stakeholders, and that is what we really get when you look at proprietary bodies and standards that has a few and
5:59 am
select companies in mind and we have to move away from that if we go to digital and mobile commerce and may be talking a little bit about these organizations later, but i will cause there for now. -- pause there for now. > sorry. we have talked about this as an issue for the retailers for the credit card companies, but this is really a consumer issue. if you are thinking about this is a consumer issue, i know as the consumer, i have dealt with fraud with two reasons. one for reasons where my card has been compromised without losing it, which the chip will help, but i have either lost or had my card stolen, which the
6:00 am
i would like you all to think about how do we answered this for consumers? why don't we have a pin? why have we not moved to the pin with this opportunity to add to addressing this issue on how to reduce this two step fraud situation? who would like to -- steve? steve: i will take part of that. what i was trying to say earlier is first off, there should not be an impediment for that. consumers are already using them for lockboxes, your tech devices and things such as that. they are using them on atm's, debits, so there is really no reason why we should not take the next step. in terms of consumers have the ability to do this and there are
6:01 am
simple tricks. it is taking a favorite number or something like my old home address or something. there are many ways of coming up with more than one number to be able to recall, so that is the simple issue, but i think the reason is that the consumers are not the obstacle but the players in the market are the obstacle. why the atm and the debit card, we do have this pin numbers, the question is who is liable for the loss? if the issuing bank is not liable for it, they're not going to require the pin, so in the case of the atm in the debit where there is liability, absolutely we see a pin, but when we talk about the issuing
6:02 am
bank when it comes to credit cards, no, they do not want a pin. it is because they have shifted the liability to merchants, one, and secondly, because the chip and signature transaction fee is higher than the chip and pin, so they make money by not moving to the newest technology. them he put on the consolidated -- the economist hat. we have these problems in economics and when you have an agent, so that the issuing bank, is responsible for acting on behalf of everyone else in the environment, the credit card environment, but they are acting in ways that are unaligned with the principles, the merchants and consumers. that is what is going on here, and the solution to economics can go back to the old coast theory. if they became liable for this, the problem with that got
6:03 am
annoyed 20 years ago, so to me, i think the industry needs to step up and make this correction for the benefit of consumers. and allow for the ability for merchants to opt out, so if you run into other issues for small retailers, i understand that, but the point is to say that simply consumers -- they do not want this, and there is survey research that says they do not. consumers that actually use the pin for atms did not have problems using them with credit cards. it is one of those issues that i think what we need to do is move ahead, get that in place and let's reduce the fraud and clean this up and take profit out of fraud, and that in itself will be a big step in reducing this.
6:04 am
everyone is chasing the value of the money. just as i said earlier, you have rogue nations trying to take down the internet or control infrastructure with cyber security threats. it is the same kind of thing. we need to take the value out of that and this is a simple, effective and low-cost means of doing that, to require the pin. liz: i agree with most of what steve said and we have to think about how the chargeback process works, and that is one of the reasons this model has stayed in place. we are not talking about pushing up fraud up of consumers, but those responsible need to step up, either play a bigger role in bearing the fraud toward they should not be managing this process. they put themselves in a role that has created distance in the disincentives to reduce
6:05 am
fraud, so i think that is important. i think initiatives like the white house initiative is a great means to help educate consumers on the benefits of chip and pin, so major kudos to the white house for ever thing they are doing to drive the market in the right direction. i think we need to educate consumers on the benefit. not just protecting the product like we do with the chip, but authenticating the cardholder, be it you pin, biometrics or [indiscernible] i do think we need to speed up certification and that involves a lot of companies getting more involved in that. i noted that they are doing a great job in helping merchants to get there, but we need the rest of the stakeholders to move us forward. as a consumer, i go into one of my local retailers, and even as a payment professional, i don't know where i am going to swipe my card these days because we
6:06 am
did have this october 1 liability ship dates and consumers were led to believe that chip cards are going to be the end-all and say all as of october 1 and you could use them everywhere. we have got to get rid of this screen as the default process. this adds customer confusion and it does not make sense. it is disingenuous to slow up an already new learning process with screens that will benefit some companies and create added confusion for retailers and customers. >> thank you. >> i would be happy to continue on, but a couple thoughts. first, let's start off with the basic principle behind us consumers, we are talking about the liability shift. there is no change in the liability to consumers. the industry goes farther than federal law requires in terms of providing protection against fraud. federal law allows us to charge consumers for the first $50 of
6:07 am
fraud, but we, the industry, have gone further than we need to there. we have a liability shift. it is a temporary measure that moves the liability to the party, the banker at the merchant, who was using the old technology. the liability has always had it. i think steve was talking about the liability on the banks and that would do something different, but they have always had that liability. once the merchant is upgraded to chip, that liability brings the chip back to the issuing bank, so this is simply a temporary shift to provide incentive in the marketplace for the merchant to do this upgrade to attack in-store counterfeit fraud. in terms of the pin itself, there are techniques that exist , my bank if i go to make a purchase over a dollar amount will send a text asking that big tv, buy
6:08 am
please hit y for yes and letter in were no. my bank can do that for me now. that kind of authentication method works perfectly now and there are others we have talked about that are coming online. if the consumer once a pin, there are banks that will issue them. if a retailer wants to accept a pain, there is technology that allows them to do that. if a consumer -- there is another risk to the merchant. demanding a pin and a consumer walks in without a pin cart, the transaction does not go through and the merchant loses the sale. there are risks in the real world in terms of using pins. additionally, if you think about the liability shift, whoever is using the techniques or technology that is the least will have the liability. if the merchant wants a pin and the card turns out to be counterfeit, the merchant has
6:09 am
increased its liability i forcing the pin. of the screenrms that lives was talking about -- was talking about, rules,he durban roles -- every debit card has to have two unaffiliated debit networks. the merchants has to make a choice between which debit network through which they want to route that transaction. if the merchant makes that choice, the screen will not, because the terminal has been given instructions on which network to route the transaction. if the merchant does not make that choice, and there are 8 million merchant so it will happen, that's green will come up because the debit card network does not know where to route the transaction. that screen is designed as a
6:10 am
default -- hey, pick at network because we don't know how to route the transaction. in essence, we have to implement the law in terms of the choice that senator durbin instituted. timing --point on the on the timing of the transition, the timing to chip cards was announced in 2011. during that timeframe, there was time window to begin getting ready. there are various benchmarks along the way. when of the questions to ask and this is hypothetical, is when did the merchant approaches their processor who is designed to help them. some merchants approach them in a timely manner and some, like me, wait until the last second.
6:11 am
some people wait, some merchants may have waited longer than necessary. that was up to them. challenges though is because we have all of these different debit networks, we needed to come up with a common language for all of the debit cards to work on all of the different networks. part of the challenge to that was that we did not have the law or the regulations around implementing senator durbin's language until the court of appeals ruled with the fed in march of 2014. three months later, that common language for debit cards came out and was available. part of the delay was the legal wranglings over the exact language within the revision. you could argue that had that not existed, there could have been more time or other merchants may not have had a reason to wait but that was part of the hold up to get us where
6:12 am
we are at this point. >> i have a response from both liz and steve. steve: once the liability shift takes place, and those costs are then incurred by merchants, it is a misnomer to say that toehow those costs do not go consumers in the form of higher prices. they always do. it is an indirect cost to consumers. the fact that this was a liability shift, puts consumers you goline -- every time to the store, it is like saying that shoplifting does not affect the price of your goods, it does. : i want to chime in. before we go into depth about debit routing, that is an
6:13 am
important thing to clarify. scott mentioned banks always have the liability. that is not the case. card presentr counterfeit fraud. if someone re-creates the magnetic stripe card and goes to the store and swipes it which , itsometimes still happen is resulting in a lot of fraud shift to merchants who have not been able to get certified. we have heard about that from law enforcement authorities. right now, he even noted that fraud is shifting. the balloon is shrinking. agree -- there are merchants that waited too late. there were merchants that did not wait too late. those that did not wait too late to reach out to their processors to get ready by october 1 and have not been able to get there is a huge problem. the transaction peace is an interesting item and i do think
6:14 am
it is something folks will want to look into. we have reason to believe that some of the larger banks are reducing their transaction fraud monitoring the cousin the incentives out there. i don't have concrete proof. we have heard that anecdotally. i would love to know if people are still receiving text for purchases over a certain amount. i think that pretty much covers everything but of comments on debit routing. this is a really important piece. for debitn transaction routing is really important. it helps create efficiencies in security, in cost, and ultimately efficiencies for consumers. what the durban amendment did was that it said there had to be competition in routing on debit card transactions. it is also important from a redundant take standpoint. if someone were to hack into the
6:15 am
largest system out there and there was not a second option, that becomes a real problem for u.s. commerce. redundancy is important. we see all the time in grocery with transactions, redundancy is critical in being able to serve our customers who come in with a card. the same should be for private cards, fully privatized cards in credit and debit as well. changing did was a created redundancy and protections. that is a very good thing. where the only option to route a transaction would be these or mastercard -- or mastercard. not only is that bad from a security standpoint, but it also disadvantages u.s. network which is competing for business. this screen is not just
6:16 am
something that pops up if the smartnt's not doing routing. it pops up regardless. a merchant can program their point-of-sale at certain levels. default certification. i do have merchants that do smart routing who has -- who have a ploy to this screen and it has messed them up. is ais a byproduct -- this set way for you to roll this out in the u.s. and then some of the major networks being involved in the certification process and deployment. this is unnecessarily creating consumer infusion. regarding the timelines, as far as getting domestic debit cards , the biggest challenge was not a pending lawsuit. it was because the code companies did not want to open up their technology. work and io patent understand their concerns but we are talking about 20-year-old technology.
6:17 am
it is not new. this was rolled out in the france in the early 1990's. the fact that they were not willing to open up to get their networks on, it was about competition. the durban amendment has helped enhance that competition that can exist. without -- absent that competition, we would be in a very dangerous spot and that is one reason why we had age or concerns in the merchant community about the code playing a larger role in mobile commerce because of the lack of competition that could result. thank you. i will move to the audience in one minute but before i do, you have been very patient. we did mention by secure on the panel and i wanted to just see -- it is a great program. we are so pleased that the administration has been helpful
6:18 am
in educating us about this issue. i wanted to see if there was anything you wanted to add before we moved to two and a. : when we announced by secure in 2014, our focus was on security and what would be the most secure for american consumers to use. the president was robust in saying that it is chip and pin. we can be technology neutral and look for more innovation beyond the pin itself but we are looking for a system that authenticates the chip. as presented at the terminal. i know many of the companies that we have worked with, that they are looking at new innovative models and they are coming up with great technology. and cyberonsumer security campaign we have been working on, a lot of companies have come to the table and said
6:19 am
this may not multifactor authentication for an online account, but here is a tool that we use. i know that some of the card readers may have encryption and other tools to help consumers online. from the white house is perspective -- from the white hese's perspective, whatever you can bring to the table regarding security, we want to see it. we do need baseline security. great. what i heard you say at the beginning, right now, it is chip and pin. camille: i think the president said that. you, camille. folkse will move to the to see what questions you may have for the panelists. we do not have a roving mic.
6:20 am
please identify yourself and speak as loudly as you can. yes. >> thanks. yahoo! tech. usa today. if chip and pin mainly solves lost or stolen cars, what percentage is due to the fraud picture? fraud, half ofat it is online and the other half is in store. within the in-store context, the bulk of the fraud amounts to about 70% being the counterfeit card fraud. the remainder, a good portion of the remainder is lost or magstripeiz: fallback options. chip and pin would help solve counterfeit cards in that sort of instance also. someone comes in with a chip card.
6:21 am
>> is it useful at this point to talk about how pin could be used with online transactions? that is something we have not into.- delved is there someone that might want to talk about that? liz: there is a commercially available solution that has been out there for quite some time. it is there to help the customer. it is called acculink. it has been successfully deployed in india. the usda was looking at it several years ago to do transactions online and how we could move that forward. it has since evolved to private businesses, airlines, department stores and others that have deployed the technology and it allows you to prompt the customer for a pin if the car
6:22 am
they are using has one and has been enabled the card issuer and the networks. it really does coordinate mapping. theare never had the ring pin in an online environment. it is fully encrypted and a very secure solution. is capacity to do pin online available. we are hoping for further adoption. would add that we are not against pin but in addition to thinking about another way to tackle this problem would be a kenization.led to we are ahead of the rest of the world in it. it is taking your credit card account number and creating a token, a mathematical representation of your number. if you use a mobile phone, that is what is in your phone, it is not actually your card. in an online setting, you can
6:23 am
create a token that is a signed to you. never you make a purchase for example on amazon, it does not store your credit card number, it stores a representation of a fromhat helps reduce fraud someone stealing your card and using it. they cannot use your card because the card they are trying to use is the number and not the token. choice, pinhip and is one way to think about it and tokenization is another. >> i was going to say that i agree with both. in addition, there is another option that pops up here and there. a short-term one. if you have an account with someone you regularly use, the have your cell phone anyway and they send you a specific pin number that you would then put
6:24 am
in to the transaction. all of these are good ideas to move forward with. the tokweigh in on enization. we don't consider it new but it is very good. i think i even heard paypal a tokeand a half ago last at n being newization as they have asn using it -- being new they have been using it for quite a while. scott mentioned payment tokenization. thatl absolutely agree this is a good customer facing experience. have some concerns with certain retailers as far as the back and security of this. developed -- we have some concerns. companiesdful of
6:25 am
managing a proprietary set of standards. we also have some concerns regarding this stagnant nature of it. there are some concerns but i agree that it is the right way we should be headed and thinking about tokenization technology. if i am a merchant and i have all of this data coming in, i want to tokenize and encrypt that data. that is being undertaken by large merchants here in the united states. we did a survey of our membership and at least 50% of them were fully deployed with some tokenization solution. i think we will see that number grow. was also here on the hill with in last year and they said that was a top priority for them.
6:26 am
environments like restaurants and hospitality where you have seen a number of malware attacks on their system, this is helping to protect those merchants. one other type of tokenization is third party. a service that is rolled out by -- merchants suppliers. some are very new to the e-commerce space. a lot of scott's members provide a great service in providing tools as antion off-the-shelf solution to merchants. one complication is that if you are a merchant that operates in an in-store card present environment as well as a card not present environment, you have to have all of your systems mesh up. even if you had started to deploy some of these encryption
6:27 am
solutions for your online business, you really had to wait until you were ready to roll out to make your front of the house matchup. have come-- merchants close to employing these solutions, emb has actually been a holdup which is an unfortunate byproduct. here andis a theme that is to try 2-d value your payment card information. whether it is adding a token, whether it is encrypting it. thee, you mentioned economics. that is one of the goals of making the system safer to end fraud which is one of our devalue the to information. if you can't get the information coming you cannot use it. however you want to protect it, it will require multiple steps. all of that is designed with one thing in mind and that is to fraud.-- thwart
6:28 am
unfortunately, if we build a 10 thievesl, the leaves -- will build an 11 foot ladder. this is a constantly moving target and we have to continue to deploy resources to protect retailers and the system and the consumers. the other goal is to make sure that the transaction goes through so you can buy the foods, go to the restaurant, and visit your favorite retailers and the transaction will go through. goals, taking two sure the transaction goes through and defeating fraud are the guiding principles that we are all working towards achieving. >> that sounds like the one minute closing remarks that i was just going to ask for. >> where is my microphone -- i want to drop it. >> any other questions? my question is -- as you talk
6:29 am
about this technology and how it affects the consumers, versus the retailers, i can see scammers trying to steer from the larger operations towards the smaller shops. associated tost upgrading those systems for the merchants? >> the answer is it depends. if you are a food truck, and you are trying to upgrade to chip, it could be as little as $50. if you are more complex, there would be an increased cost to upgrade the merchants system. that is in terms of the hardware. whilems of, temporarily, the shift is going on, if there
6:30 am
is counterfeit card fraud, currently if you are the party using the old technology, then you would be currently libel for that counterfeit fraud loss. camille: one thing that has been remarkable about this market is the innovation that has come about in the last view years. there are increasingly new products that have increasingly toplex systems but small maybe medium, depending on your definition, retailers and merchants can use. beyond small attached to your phone chip readers, you can have an on the counter terminal for a very low price that has been offered by some of the newer processors. : i would echo everything that has already been said. some solutions that are more affordable if you are a
6:31 am
small business. to integrate something like a server station at a restaurant, a small restaurant, not just a counter service restaurant, that hardware is about $10,000 with full integration. you see most merchants, smaller ones, upgrade their point-of-sale hardware every 5-7 years because it is a expensive process. it is a capital investment for folks. you have the time to bring someone into program for emb acceptance to make sure your hardware and software is working together. it is a cost burden on small businesses but as scott said, we are trying to get fraud out of the system and it is one good will in the toolbox, to deploy emb. >> we have time for one more quick question. i am sorry, i have one person in
6:32 am
the back. i will let him go. >> my name is william cunningham from minority finance.com. vulnerableout communities including women. on the women's side, i am thinking about a case we were made aware of of a woman who was in a shelter. how,ow, i'm not quite sure had used some technology to get her location and caused an issue at the shelter. i am just throwing that out there. don't know if this is isolated to a credit card issue. -- andly is important this is true of online companies and merchants and banks and everyone in the environment. everyone dealing with the collection of personal information. it is retention and its use and notifying consumers and having
6:33 am
the ability to opt out up its use. in some cases, people do not realize that you have your cell phone on and there is a code being said and stored somewhere that has your location because you have a gps or a restaurant finder. it is being stored. in one case, one major online provider had to file that release and you could identify -- how do you know which person has the mac? the owner or someone close could have known. i am just saying that it is possible, and it is really important in this whole scheme of things, higher than the credit card fraud issue, but when it comes down to it, it is so important to make sure that everyone in the environment has responsibility for storing and protecting and making sure that the servers have firewalls and
6:34 am
virus protection and other services to protect them. that consumers are aware of the retention life and how that information will be used. and the option of opting out because some of this information is being used for marketing. a good question. have talked about mobile commerce and there are studies that show a lot of bank consumers use their smartphones as a primary means of accessing the internet which may open a whole new market of folks paying with this device. steve was talking about the security of payment data is absolutely paramount. as we go forward, one of the primary priorities for merchants is that if we will accept an apple paid or an android pay, it is important that we have a bilateral agreement with those companies to ensure that we know managed data is being and used so we can better protect our customers.
6:35 am
>> very good points. will run down, starting with yourle, and just give us 45 second closing comment. you have done a good start so you may only get 30 seconds. your last remark said it all. if you want to put a tale on that. e: the privacy and security of consumer information has been a fundamental concern of this administration over the past eight years. the first administration that has gone digital. our lives are increasingly digital and it is the first time that we have had to confront these challenges. with initiatives like by secure secure, you can take a
6:36 am
segment of the economy that needs security and do tactical limitation of security. hill and thethe next administration will decide to confront issues of privacy and security that they use us as a model in the small places but also looking at the entire environment. i think that is something that still needs to be done. to borrow the line -- that which unites us is greater than what divides us. we have done many of these panels. i would put it above 50% of what we share and agree on and we all share the common goals of ensuring the safety and speed of the system while still protecting consumers in terms of their data, privacy, and location. all of those are simultaneous
6:37 am
goals that we all share. iz: i don't think i can put it better than that. we agree about 80% of the time. it is all about protecting consumers and the economy and the stakeholders who are involved in the process. one thing i will leave folks with is a take away. as we move into digital and mobile commerce space, lessons learned is that we need to be thinking outside of the box. let us not look to the same traditional payment companies to facilitate payments. to some of at ahead the sim tech firms and retailers. we're talking about commerce. i don't say global payments but mobile commerce -- payments is a piece of it that there is so much more than that and there is so much added value that we can bring to raise every day.
6:38 am
think is anology i great will. what we are seeing coming online are a lot of options available for merchants and for issuing card banks to put in more secure protections which ultimately will benefit consumers. i think the technology is here. agree with what was said earlier about the latter -- ladder getting higher all the time. i also think it is important to say that i don't inc. the consumers are the impediment towards moving to him. and ik they use in today think that is a viable option for protecting their information. from what i have heard regarding the discover card, the ceo has agreed that the pin is a good
6:39 am
option. i will close by saying that i think it is a simple, low-cost, and immediate way of addressing credit card fraud -- chip and pin. to all foru so much coming and thanks to our extraordinary panelists. this has been a great session. please take a chip and pin cookie before you leave. and thank you again to everyone for being here. it was great. thank you. [applause]
6:40 am
6:41 am
>> c-span's washington journal, live every day with news and policy issues that impact you. coming up, becky vonn, addiction services to the vice president for the national council of behavioral health will join us to discuss her organization's efforts to lobby the house. the national council is pushing for changes through the house legislation. the president of the citizens united will be on to talk about the latest on the campaign 2016 and the influence of money and politics. c-span'so watch washington journal coming up at 7:00 a.m. eastern. join the discussion. >> recently, our campaign 2016
6:42 am
bus they do visit to pennsylvania during its primary start -- stopping in gross city college, western -- washington and jefferson college and others where students and professors learned about our road to the white house coverage. as well as our online resources. visitors were also able to share their thoughts with us about the upcoming elections. we also visited the middle school to honor seven ninth graders for their winning videos in the competition. a special thanks to our cable partners for their help in coordinating these community visits. you can see all of the winning documentaries online. today, john kasich, the last republican challenging donald trump for the presidential nomination dropped out of the race. shortly before his formal announcement, donald trump said he would be interested in
6:43 am
john kasich as his running mate on the republican ticket. this announcement from columbus, ohio is about 15 minutes. [applause] [cheers] [applause] gov. kasich: thank you all for coming. the first thing i have to do is to thank my great wife karen-- [applause] she has endured my political
6:44 am
career, accentuated it. there is no one like karen. she's charismatic. she walks into a room and people fall in love with her. when she appeared on anderson cooper, john weaver commented that if we'd only run karen, we would have been a lot more successful. [laughter] i happen to agree with that. they are unbelievable. they have been so supportive. [applause] they've traveled with me around the country as well. it was such a delight to have the family on the road. as their principal has said, don't let education get in the
6:45 am
way of learning. they learned a great deal. i want to thank the worthington christian staff for their patience and willingness to look after our family. it was terrific. our staff -- [laughs] nobody has ever done more with less than what this staff has done. it has always kind of been this way. it has been a mystery to me, other than to say that i like to think that they think that they have been part of something bigger than themselves. and we all want to be part of something bigger than ourselves. and i think we do it with honesty and integrity. as a result, i think i know, and i sure hope and pray, that they feel this experience in this
6:46 am
campaign has improved them in some way for the better. i'm looking forward to spending more time with them. the volunteers -- just amazing. i don't know how many, 800 people we had that went to new hampshire. people that went to michigan. people were in south carolina. i would show up in places, and people i knew. i was like, why are you here? they were believers. i could never thank them enough for the long car rides in the snows of new hampshire. they knocked on doors. in the rain of south carolina, they knocked on doors. my mother always used to say, never forget the volunteers. they were always the ones that have given me the octane, the
6:47 am
fuel to be able to carry out my purpose. i want to thank the people that gave the money, the financial resources. we never had all the money we wanted. we were probably outspent 50 to one. but we were never daunted and -- in that. we got up every day and did the best we could. a big thank you goes to beth hansen, the campaign manager. [applause] she did everything she could possibly do. and my dear dear friend, doug price. [applause] well, we start getting into these names, emma said, mr. doug didn't you travel with my daddy for a year and a half? reese looked at her and said,
6:48 am
how did you do that? [laughter] we are going to have a lot more fun in the future. the kitchen cabinet -- i look at joann and tim, the only guy i know that carried more luggage than an entire circus group. it was unbelievable. i know i am leaving some people out. i want to thank everyone of you. i visited these beautiful beautiful towns in new hampshire. people have really counted me out in new hampshire. when we had our 100th townhall, it was remarkable. those beautiful towns. i will never forget the people of new hampshire. we moved from new hampshire in the far east, all the way to the excitement of california. even being able to sit in
6:49 am
traffic in los angeles. [laughter] and i just loved california and what it means to our country, and the excitement that it breeds. i remember we were in the upper peninsula of michigan. i never knew where it was. i never knew it was actually located above wisconsin. we landed. i remember, everybody was looking at their phones. i said, would you all please put down your phone, this is a winter wonderland. this is magical what we are seeing here, what the good lord has given us. to the energy of miami beach, florida, for one of the last debates. it was interesting, they did not think i could make any debate. i made all 13 of them. in fact, won a couple of them. as for my beloved ohio, the people here -- i cannot tell you how much i appreciate the
6:50 am
opportunity that you have given me to be a leader state. state.er in this the people of ohio have given me the greatest professional experience of my lifetime. i have tried to pay them back. last night in cleveland, a woman, african american woman said, you made promises, and you kept them. and that is why i am here tonight, because i believe in you, that you brought our people together. well, it only happened because the people gave me a chance. everywhere i went in america, i told the people about our beautiful beloved state. and held ohio high. i think i gave people and impression from one end of america to the other that ohio is a special place. i expect we're going to have
6:51 am
more visits as a result. i marveled at my colleagues that held public office. they knocked on doors and made phone calls. people that came from the legislature. when you are an executive and have to deal with the legislature, it is not always peaches and cream. but yet these legislators, the leaders, the speaker of the house, the president of the senate, some of my statewide colleagues like the attorney general -- just incredible that they would have come out and honored me. frankly, i was so humbled by the fact that they came. and they loved me. they encouraged me. the people of our country changed me. they changed me with the stories of their lives.
6:52 am
what we all remember that hug in south carolina from that young man who had found despair, and then found hope somehow. and he just wanted to give me a hug. the country marveled. but you know, that was one of a series of these things that had happened. the gentleman that showed up in new hampshire. he said, i don't think i have warned my son enough about the dangers of a certain type of cancer, and now he has it, and i am blaming myself. he put his arm around me and cried. i said, sir, it's not your fault. you didn't do anything wrong. you are a great father. you come here all the way from new york to tell me about this. take the load off of your shoulders. he wrote us a letter saying that
6:53 am
little conversation made a difference with him. and when we went to new york, months later, standing at the rope line was that man. he said, i want you to know, my son is doing much better. and i wanted to be here to thank you for taking the time with me. we were in a hall in michigan. a woman stood up and showed a picture of her son who had taken his life. we talked about faith, talked about her son and where he was. and everybody in that hall embraced that woman and made her feel that she was not alone.
6:54 am
see, stories like this occurred all across our country. and i think it's frankly because, for whatever reason, god gave me the grace to make people feel safe and comfortable. they came to these town halls, which were absolutely magic. i've learned something, folks, that we all need to slow down our lives. slow down our lives and listen to those who are around us. let me be clear, we all know that economic growth is imperative to the success of our country. economic growth gives people an opportunity to realize many of their hopes and dreams in life. and without a job, the family is weaker, the community is weaker, the neighborhood is weaker, the state suffers, and our country struggles.
6:55 am
i can tell you economic growth can be achieved by public officials if they just do their job. but they have to ignore polls. they can't focus on focus groups. and they have to overcome the fear of reelection or criticism. see, the formula is simple and it works. it is common sense regulations that don't crush our small businesses. that is where our kids get their work now increasingly. that is the fastest area of job growth. we need to lower taxes for individuals. we have to cut taxes for businesses so they invest in america, not some country in europe. we need a realistic path to balance the budget. frankly, nothing more imperative than a balanced budget amendment to the constitution to force congress to do their job. we have to keep in mind that we have to shift power, money, and influence from the government to
6:56 am
the people wherever we live. we have to run america again from the bottom up. however, the spirit, the essence of america lies in the hearts and souls of us. you see, some missed this message. it wasn't sexy. it wasn't a great soundbite. but i saw a young lady in philadelphia who came to me and said, i'm a producer on a major cable show, and i watch your town halls and talk about the spirit of our country. and she said, you have affected my life. you see, i believe we all need to live a life bigger than ourselves.
6:57 am
yes, we need to live a life a little bit bigger than ourselves. we need to reach out to help someone else. because you know what? it comes to us naturally if we let it. we are, as human beings, kind of hardwired to want to give someone else a lift, give someone else an opportunity. when we reach out and help someone else, what it does is it opens us, ourselves, to recognizing and receiving the help that we need in our lives. it's a virtuous circle when we help someone else to rise. it opens us up to receive the things that we need in our lives, regardless of who we are. to paraphrase an old adage, i sought the greatness of america in her harbors and in her
6:58 am
rivers, and i did not find it. i sought it in her fertile fields and boundless forests, and did not find it. i sought her greatness in her halls of congress, and i did not find it. you see, after this campaign, i see it in us when we come together, when we lift one another with our eyes on the horizon. throughout my campaign, i have said the lord may have another purpose for me. and it sets all the pundits atwitter. does that mean he is not committed, or he is not focused or not energetic? it showed to some degree how little they understand about life. you see, i have always said that
6:59 am
the lord has a purpose for me, as he has for everyone. and as i suspend my campaign today, i have renewed faith, deeper faith, that the lord will show me the way forward and fulfill the purpose of my life. thank you, and god bless. [applause] >> today on c-span, washington journal is live next with your phone calls, tweets, and facebook comments. the commerce secretary is speaking at a holocaust memory ceremony. and tonight, donald trump will host a town hall this evening. we will speak to the vice president of the national council for behavioral health addiction services regarding their lobbying efforts on opioid addiction. and david will talk about
7:00 am
campaign

4 Views

info Stream Only

Uploaded by TV Archive on