Christmas is past, and a post-holiday ritual is on the way.
Yes, bank statements and credit card bills will start arriving any day. With the massive data breach involving Target and its 1,797 stores, there's added reason for careful scrutiny of those document, now and for months to come.
The thieves got names, credit and debit card numbers, expiration dates and security codes belonging to 40 million people who shopped at Target between Nov. 27 and Dec. 15.
Customers won't liable for any fraudulent transactions, but if their cards are misused, they will be stuck with the hassles of identity theft. Meanwhile, we can all share the knowledge that the United States is almost uniquely susceptible to credit thefts on this scale.
It's not because American thieves are savvier about technology.
It's because American banks and credit card companies have been slow to adopt security measures for credit and debit cards that are routinely used in Europe, Asia and Latin America. Instead of easily copied magnetic stripes, their cards store information on embedded microchips that are extremely difficult to duplicate.
“The U.S. is one of the last markets to convert from the magnetic stripe,” Randy Vanderhoof told the Los Angeles Times. “There's fewer places in the world where that stolen data could be used. So the U.S. becomes more of a high-value target.”
Vanderhoof is director of the EMV Migration Forum, an organization advocating for financial institutions in the U.S. to make the switch to more secure credit and debit cards.
Credit card theft is big business — hitting a record $11.27 billion last year, according to the Nilson Report, which tracks global payments. But that's only about 5 cents for every $100 in transactions, which may explain why credit card companies have been slow to take on the expense of issuing new cards and upgrading point-of-sale systems.
These so-called smart cards, which allow for greater encryption and security, currently account for only about 1 percent of credit cards issued in the United States. And many of them are issued to people who find they can no longer use the magnetic-stripe cards while traveling abroad.
Europe started migrating to smart cards in 2002, and fraud reports have been declining since 2008.
About 80 countries have adopted smart card technology, and it is finally coming to the United States. The major credit card companies plan to upgrade by October 2015.
Given the recent experience with Target, and past security breaches that involved even more customers, it seems sensible to move faster.
So, here's an early wish for next Christmas: tighter security for debit and credit cards issued in the United States.