RILA, merchant groups express cybersecurity concerns

Arlington, Va. -- The Retail Industry Leaders Association (RILA) and a group of merchant associations have sent a letter on the state of cybersecurity in the U.S. and how the payments system works in a letter to the Credit Union National Association (CUNA) and the National Association of Federal Credit Unions (NAFCU). The letter dispels what the merchant groups say are many misconceptions the credit unions have been driving regarding recent cyberattacks and the response by retailers and financial institutions.



The letter was sent by the CEOs of RILA, the National Association of Convenience Stores (NACS), the National Retail Federation (NRF), the National Grocers Association (NGA), the Food Marketing Institute (FMI) and the Merchant Advisory Group (MAG).



Among the facts and figures cited in the letter are that according to the 2014 Verizon Data Breach Investigations Report analyzing 1,367 data-loss incidents in 2013, 465 (roughly 34%) took place at financial institutions, while fewer than 150 (less than 11%) affected retailers. In addition, according to the Credit Union Times, more than half of all credit unions are expected to miss an October 2015 date to issue cards equipped with chips. And a 2013 Federal Reserve study finds retailers bear costs of debit card fraud almost equally with card issuers.



"The volume of cyber-attacks has become particularly intense because the antiquated and woefully inadequate magnetic stripe technology still in place today,” says the letter. “As issuing banks in nearly every other G-20 nation have migrated away from this 1960s-era technology to a substantially more secure technology, known as Chip-and-PIN, cybercrime and fraud have migrated to the United States."