Thursday, September 4, 2014

Endless Stream of Merchant Data Breach Cases - Card Changes

This week has delivered news of yet another large national merchant who has had customer card data stolen from them. Home Depot follows a long line of merchants who have clearly demonstrated the inability to protect card data being utilized in their establishments. At this point, financial institutions have very little faith in merchants protecting the data that they process. Huge fraud costs are being absorbed by the financial institutions because of these merchant data breach incidents. Litigation to recover losses typically results in pennies on the dollar for actual costs realized from the fraud that occurs following the data thefts.

To protect member assets the credit union will soon begin restricting daily VISA Debit Card activity to a maximum amount of $1,500.00 per day. Members will have an additional $500.00 per day available in cash from an ATM. These will be the default daily card limits on all VISA Debit Cards. In addition to these changes, a cap of no more than 5 transactions per hour will be in place. Again, these changes are necessary because the merchants have not shown the ability to protect card data being used in their businesses. As it stands now, card data is being stolen from the merchants and counterfeit cards are being produced and used to steal money from member accounts. If merchants were bearing the costs for these counterfeit transactions that would be a different story, but they are not. VISA liability rules have been protecting the merchants from responsibility over counterfeit card use.

If members know that they will have purchases that will exceed the $1,500.00 daily amount they can call or visit one of our offices to request a higher temporary purchase limit for a specified period.

We regret having to make these operational changes with regards to VISA Debit Cards. Consumers have grown very accustomed to using VISA Debit Cards like cash. Unfortunately the thieves have also grown fond of VISA Debit Cards. Since North Alabama Educators Credit Union is ultimately responsible for all unauthorized card activity, we had no choice but to take appropriate steps to reduce the card losses that affect the entire credit union membership.

These changes are scheduled to be fully in place by November 1, 2014 following notifications and educational communications to our membership.