White House Gets Behind Chip and PIN, More Secure Online Authentication
Oct. 20, 2014
U.S. President Barack Obama signed an executive order on Friday that will require all credit cards issued to government employees used for official purchases to be equipped with Chip-and-PIN technology. While the move to payment cards with embedded security chips is ongoing in all sectors due to EMV mandates imposed by the major card networks, the government cards requiring PINs to complete a transaction will be more secure than the Chip-and-signature technology that most issuers and merchants are transitioning to in compliance with the mandates.
For online security, which chip cards cannot affect, the president has asked National Security Council staff, the Office of Science and Technology Policy, and OMB to formulate a plan in the next 90 days “to ensure that all agencies making personal data accessible to citizens through digital applications require the use of multiple factors of authentication and an effective identity proofing process.” Implementation of this plan should be complete within 18 months, the order says.
President Obama’s BuySecure initiative, which only applies to government credit and debit cards, also targeted identity theft by putting the weight of the White House behind enhancing the FTC’s IdentityTheft.gov, improving information sharing and coordination about fraud attempts and organizing a cybersecurity and consumer-protection summit.
The president said he was working with companies like American Express, Home Depot, Target, Visa, Walgreen’s and Walmart to ensure private sector action making Chip-and-PIN enabled terminals available everywhere. Most of these companies are already engaged in the move to EMV, pressure for which has built steadily since highly publicized data breaches began in earnest last year and have continued unabated.