Clarity from Chaos

By: Dave Campbell

Credit Card Futility

By

If you want to know what the single biggest vulnerability is for identity theft and credit card fraud in your name, that’s easy: it’s using your card at major retail stores that have repeatedly been breached by hackers.

Using outdated kiosk computers to process sales, retailers have allowed clever thieves to install viruses that silently relay customers’ credit card info back to them. This is how Target negligently let thieves pilfer 70 million card numbers, it’s how Home Depot allowed 56 million credit card numbers to be stolen, it’s how Michaels’ stores – well, the list goes on. But that’s how it happened.

Facing these disasters, big box stores might work to increase the security on their own systems, that, according to the Identity Theft Resource Center, a non-profit organization that monitors identity theft and assists victims, are the number one cause of data breaches.

Alas, the stores’ have decided to instead to rely on slick lobbying campaigns and well-compensated political allies to confuse the issue. Specifically, the retailers have been clamoring for banks and credit card companies to issue cards with four-digit PINs.

PINs are annoying to consumers and, from a security perspective, relatively worthless. A four-digit numerical password is inherently insecure because there are only 10,000 unique combinations. A computer can generate all of them in under one millisecond, making “brute force” attacks completely painless for any mildly sophisticated criminal.

Indeed, law enforcement officials in Europe, where credit card PIN use is more prevalent, have observed thieves adapting, sometimes by waiting to view someone key in their PIN before stealing their card.

But what’s easy for a computer is sometimes difficult for the average person, who carries four cards in their wallet, to remember. For these reasons, experts consider PINs to be headed shortly to the scrapheap of history, to be replaced by much more sophisticated approaches like encryption and tokenization.

That doesn’t mean that PINs can’t be a useful cudgel for the retailers, who are looking to use the issue as a wedge that prevents them from upgrading their outdated technology faster.

Enter noted computer security expert (I jest) Sen. Dick Durbin (D-IL), who weighed in on the issue this week in a letter to the FBI.

Durbin complained the FBI hadn’t included language about PINs in the final version of its consumer bulletin that even the newest types of credit cards can still be vulnerable to fraud.

The bulletin “raises significant questions about…whether the FBI is taking appropriate steps to warn against and deter payment card fraud involving lost or stolen cards,” Durbin wrote.

For the second-ranking Democrat in the Senate, Durbin sure is shameless about plugging for the big box stores, which have consistently poured hundreds of thousands of dollars into his campaign coffers, according to data from the Center for Responsive Politics. Some would say it’s the Chicago way.

You may remember a major lobbying dust-up over credit card “interchange fees” about five years ago. Then, Durbin led the charge to put price controls in place on how much Visa, Mastercard and other companies could charge stores to process their payments.

The government-set prices were supposed to help consumers, but that turned out not to be the case, as studies since then have showed the big box stores just took home the extra profit and laughed their way to the bank.

Look, it’s one thing to nakedly fight for your own bottom line in a clear business-on-business K Street war.

It’s another to alarm consumers with warnings about a discredited security technique when your own stores (and Durbin’s own donors) are the ones practically giving their customers’ credit card numbers to fraudsters.

Shame on Senator Durbin.

http://instituteforliberty.org/index.php

Trumka and Hilary; what a pair

By

“AFL-CIO President Richard Trumka said that it was “conceivable” the AFL-CIO might not endorse Hillary Clinton and warned her of the consequences of taking the wrong position on trade in an interview with USA Today’s “Capital Download” released on Thursday.

Trumka said (relevant remarks being around 4:00) that he didn’t know where Hillary stands on TPA and TPP “I think she’s going to have to answer that. I think she won’t be able to go through a campaign without answering that, and people will take it seriously, and it will affect whether they vote for her or don’t vote for her.” Although he added that she may not know what’s in the deal, but once she reads it, she’ll have to take a position.

Trumka was then asked what the political ramifications would be if Hillary took a position “similar to the one she’s taken in the past when it comes to these big trade deals.” He answered, “It will be tougher to mobilize working people. It’ll be tougher to get them to come out excited and work to do door-knocking and leafleting and phone-banking and all the things that are going to be necessary for her if she’s the candidate and we would endorse her to get elected. It’ll make it far more difficult.”

Since 2008, Andrew Langer has been President of the Institute for Liberty. IFL works on a variety of issues—promoting and protecting small business, linking trade and prosperity, tilting against the regulatory state. But at the organization’s core, and Andrew’s, is the desire to promote freedom and individual rights. Andrew has been involved in free-market and limited-government causes for nearly 20 years, has testified before Congress nearly two dozen times, and spoke at the historic 912DC March.

www.instituteforliberty.org