- Security TWENTY
- Women in Security Awards
The Secure Payments Partnership (SPP) coalition has revealed the results of a study that shows the U.S. credit card industry has disregarded innovations in the security industry. It concluded that these companies have failed in establishing proper security standards, whilst also advising that a neutral body should be put in charge of this in order to protect the general public’s accounts.
The study was a report into EMVCo, which is a body owned by the six biggest payment card companies in the world; it sets technical specifications for payment cards including credit and debit. The report emphasises that the decision-making of EMVCo has put in place practices that have increased the risk of fraud. It argues that their weak security practices have helped keep costs low and their market share high, which has allowed those card companies to dominate the payments market.
The study showed that:
The report says that the card companies and the EMVCo organisation have frequently neglected the innovations and new standards of the security industry, particularly developments in fraud prevention. According to the SPP, this was done to maintain market dominance. Furthermore, the paper stresses how EMVCo claims that its specifications promote “compatibility,” “interoperability” and “secure transactions”. Yet, the what the study displays appears to contradict these concepts, due to the current practices of the big six card companies. In all, this has left the U.S. with a fraud-prone payment system that lags behind international markets in terms of standards in security.