By Marc Lifsher
3:00 PM PST, February 18, 2014
SACRAMENTO -- Personal information collected from credit card shoppers could best be protected by upgrading the country's entire payment system, the head of the state retailers association testified at a joint legislative hearing.
The Tuesday informational hearing of the state Assembly's banking and judiciary committees looked into the causes of recent massive hackings of about 70 million computerized records at Target Corp. and a smaller incident involving about 1.1 million customers at Neiman Marcus department stores.
Bill Dombrowski, president of the California Retailers Assn., predicted that much fraud would be eliminated after Oct. 15 when all the players in the credit card and payments industry have agreed to switch to a "chip-and-pin" system currently being used in parts of Europe.
The system uses computer chips embedded in cards, instead of magnetized strips. Security would be augmented by also giving the shopper a PIN or personal identification number, such as those linked to bank debit cards.
According to an Assembly Judiciary briefing paper, credit card fraud jumped 87% since 2010, creating an estimated $6 billion in losses.
California, which includes a right to privacy in its state constitution, has been a leader in dealing with breaches of personal information. In 2002, lawmakers adopted the nation's first data-breach notification law. Since then, every state except Alabama, Kentucky, New Mexico and South Dakota passed similar legislation.
Reducing the threat from hacking, most likely, should be the subject of congressional action, said Dombrowski. "The state doesn't have much authority in this area," he said.
Copyright © 2014, Los Angeles Times