Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CUNA to Hill: CUs, members pay steep price for merchant data breaches
WASHINGTON (3/6/14)--The Credit Union National Association made sure that every lawmaker on Capitol Hill got this message Wednesday: America's credit unions spend millions of dollars--without skipping a beat--to protect consumers from merchant data breaches by re-issuing cards, monitoring accounts and reimbursing customers for fraud.

CUNA called on merchants to start working with financial institutions now to implement the best solutions to secure the system and protect consumers from fraud and identity theft--even though these solutions may be costly.

That message to Congress came in the form of a CUNA rebuttal to a recent blog post by the National Association of Convenience Stores (NACS) in The Hill newspaper.

In CUNA's Hill blog post Wednesday--which CUNA circulated to every federal lawmaker's office-- Executive Vice President of Government Affairs John Magill refutes mistaken claims NACS made about who covers costs of a merchant's data breach: It is credit unions and other financial institutions.

"Merchants are not required to reimburse financial institutions for the cost of card re-issuance after a data breach. Nothing in the Visa and MasterCard network rules provide for merchants to cover the costs of card re-issuance.

"This cost can be quite substantial, particularly for smaller financial institutions such as credit unions: The recent Target breach has cost credit unions about $5.68 per card affected, and that doesn't even include actual fraud losses," Magill states.

Magill goes onto to rebut the merchants' claim of "forced reimbursements" from merchants to card issuers to cover the cost of fraud losses after a breach--calling the whole notion "flawed."

"The Durbin amendment only applies to debit transactions, not credit, and the rate adjustment does not cover the cost of card re-issuance."

Even when merchants are made to take responsibility--like in a recent settlement reached among TJ Maxx, Visa and  MasterCard after a recent data breach at the retailer-- the credit unions involved received only pennies on the dollar to cover fraud costs. (Magill also notes that if network rules really did provide for "forced reimbursements," then there would be no need for this type of settlement in the first place.)

Magill calls on merchants to start working together with financial institutions to implement the best solutions to secure the system and protect consumers from fraud and identity theft, "even though these solutions may be costly."

"While we have all had our disagreements about issues in the past, now is the time to put our customers first and collaborate to ensure the best outcome for Americans," he concludes.

News Now LiveWire
How to use social media for crisis communications Feb. 10 webinar from @SBAgov, @AgilityRecovery
42 minutes ago
#Consumersentiment highest in 11 years @Umich January survey
4 hours ago
#creditunions teach #college students how to handle the plastic
5 hours ago
How you might change how you bank in 2015 @Bankrate
5 hours ago
#NewsNow Ohio, Ga. video: Merchants not watching your wallet
6 hours ago