NRF: Retailers should not be required to keep credit-card numbers
Washington, D.C. The National Retail Federation told a congressional panel Tuesday that security standards imposed on merchants by the credit-card industry are only “an elaborate patch,” and that a system in which retailers would not be required to store card numbers would do a better job of protecting consumers against credit-card fraud.
“All of us — merchants, banks, credit-card companies and our customers — want to eliminate credit-card fraud,” NRF senior VP and CIO David Hogan said. “But if the goal is to make credit-card data less vulnerable, the ultimate solution is to stop requiring merchants to store card data in the first place. The bottom line is that it makes more sense for credit-card companies to protect their data from thieves by keeping it in a relatively few secure locations than to expect millions of merchants scattered across the nation to lock up their data for them.”
Hogan’s comments came as he testified at a hearing on whether data-security standards mandated by the Payment Card Industry Security Standards Council run by Visa, MasterCard and other major credit-card companies reduce “cybercrime.” The hearing was held by the House Homeland Security Committee’s Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology.
The PCI standards include more than 200 requirements intended to protect consumers against credit-card fraud committed by criminals who hack into computer systems. But Hogan said the guidelines are “onerous, confusing and constantly changing,” and have required retailers to replace previous security programs with new programs that are different but not necessarily better.
“While PCI can reduce some fraud — at extraordinary cost — it is not nearly as effective as a redesign of the card processes themselves,” Hogan said. “Retailers have been required to take extraordinary steps to ensure that somewhere, somehow, data is not inadvertently being retained by software.
However, what is ironic about this scenario is that the credit-card companies’ rules require merchants to store for extended periods credit-card data that many retailers do not want to keep.”
Brown named to PepsiCo board
PURCHASE, N.Y. PepsiCo announced the election of Shona Brown to its board of directors.
Brown is SVP business operations of Google, a position she has held since 2006. From 2003 to 2006 she served as VP business operations of Google, where she led internal business operations and people operations.
NPD: Teen music spending down in ’08
PORT WASHINGTON, N.Y. According to The NPD Group, a leader in market research for the entertainment industry, teens (age 13 to 17) acquired 19% less music in 2008 than they did in 2007. CD purchasing declined 26% and paid digital downloads fell 13% compared with the prior year.
In the case of paid digital downloads, 32% of teens purchasing less digital music expressed discontent with the music that was available for purchase, while 23% claimed to already have a suitable collection of digital music. Twenty-four percent of teens also cited cutbacks in overall entertainment spending as a reason for buying fewer downloads.
The downturn in paid music acquisition was matched by a downturn in the quantity of tracks downloaded from peer-to-peer (P2P) networks, which fell 6% in 2008. The number of teens borrowing music, either to rip to a computer or burn to a CD, fell by 28%.
“While we expected to see the continued decline in CD purchasing among teens in NPD’s music tracking surveys, it was surprising to see that fewer teens downloaded music from P2P sites or borrowed them from friends,” said Russ Crupnick, entertainment industry analyst for The NPD Group. “These declines could be happening due to a lack of excitement among teens about the music available, but it could also reflect a larger shift in the ways teens interact with music, given that so much music is now available whenever and wherever they want it.”