Posts tagged: URM Stores
The National Retail Federation urged the U.S. Senate on Wednesday to switch the nation from fraud-susceptible credit and debit cards to more protected cards using a personal identification number (PIN).
The NRF said credit card-issuers' insistence on cards that use a signature instead of a PIN puts merchants and their customers at risk.
In a release, the NRF said banks have done their own research – conducted almost 25 years ago that showed PIN-based cards provided more security for consumers, retailers and banks.
In a prepared statement, NRF Senior Vice President and General Counsel Mallory Duncan said: “The bottom line is that cards are poorly designed and fraud-prone products that the system has allowed to continue to proliferate.”
His remarks occurred at a hearing of the Senate Committee on Commerce, Science and Transportation, which is considering changes in light of cyber attacks in which consumer card numbers have been stolen. Duncan said current magnetic stripe cards with signatures are too easy to duplicate and forge.
“There are technologies available that could reduce fraud,” Duncan said. “An overhaul of the fraud-prone cards that are currently used in the U.S. market is long overdue.”
Some banks and many merchants say the use of a PIN, with or without an embedded microchip, would create greater security for consumers and retailers alike, Duncan said.
Northwest credit unions and banks have been hit hard twice in the past six months, first by the URM Stores card hack that affected several thousand cardholders. Then came the nationwide Target Stores card fraud, which affected several million residents and consumers.
Many advocates of improved transaction security say the United States should follow the practice in much of Europe where only chip-based cards are accepted.
Such cards have tiny chips that generate a unique, one-time security code every time you make a purchase. That code prevents thieves from reusing the data.
The battle over chip cards has been stalled in large part because the merchants don't want to change to newer cash terminals until the new chip-based cards are approved. And banks or credit unions don't want to start ordering and distributing the chip cards until they see a significant movement by merchants to use them.
Consumer advocates also argue that more could be done to protect consumers in the case of debit card fraud. While merchants that require a signature end up with zero fraud liability, it's not clear yet whether the use of PINs would provide the same protection.
Earlier this week we published survey results asking credit unions the financial impact of last fall's URM Stores credit card breach.
The story is here.
Here's a little infographic provided by the survey creator, the Northwest Credit Union Association, which represents institutions in Washington and Oregon.
URM Stores today listed the 67 Inland Northwest grocery stores where card transactions could have been captured during last fall's network security breach. The stores are in Washington, Idaho, Montana and Oregon. Oregon has the fewest stores: the four there are in Heppner, Enterprise, Joseph and Umatilla.
The Spokane grocery co-op posted the full list on its website today, then said it was not yet finished in investigating the attack.
The release avoided saying anything about who was behind the attack. The Secret Service is the lead agency investigating the crime.
See the link below this post to see the PDF listing the 67 “affected” stores. In this instance, affected means: stores where transactions could have been accessed by cyber criminals.
We earlier posted the OfficeHours No. 3 business story of 2013: the huge credit card fraud that's ensnarled many customers of stores served by the URM Stores computer network.
Your deadline to win a $10 coffee card is 10 p.m. tonight. Just post a comment here and tell us your pick for top area business story. Winner will be chosen at random if several guesses are all correct.
Here are four stories that won't make it into the final two:
So those are four you can scratch off your list. Again: deadline is 10 p.m. this evening.
Tonight at 10 p.m. is the deadline to submit entries for the Top Business Story of 2013 for the Spokane North Idaho area.
Just place a comment here or on the two earlier posts that listed Stories No. 5 and No. 4: They were the rehab and cleanup of the Mead smelter and the renovation of a number of major buildings in the downtown area.
Here's the No. 3 story of the year: The widespread credit and debit card fraud connected to data breaches at Spokane's URM Stores. The grocery cooperative operates as a data transmitter for more than 120 regional stores. At some point in the fall, an unknown hacker got access to secure card data. The impact is still uncounted and no doubt affects several thousand local residents (coming a few weeks before the national credit card fraud connected with Target stores).
The most recent Spokesman.com story on that problem is here.
Later this afternoon, check back and we'll announce three stories of major significance that ARE NOT among the top business stories of the year
Spokane police say area residents are receiving “phishing” text messages from a scammer posing as a bank official needing personal information to reactive credit cards supposedly shut down because of fraudulent activity.
Spokane Police spokeswoman Sgt. Lydia Taylor couldn’t say how many such text messages have been received.
But she noted “a large number” of would-be victims told at least two Spokane area credit unions they received the bogus messages sent from the number (208) 758-0211.
The scammer appears to be exploiting fears generated by recent reports of widespread card fraud for customers of Spokane and North Idaho grocery stores.
Last month, more than a thousand area credit or debit cards were involved in a data breach. URM Stores, a Spokane-based cooperative that handles card payments for several area chains, including Rosauers, Harvest Foods and Yoke’s Fresh Market, has said it’s patched whatever security hole in its network was exploited.
Area law enforcement has made no arrests and say they have not yet identified the source of the credit card exploit.
The scam tells would-be victims their credit or debit card is inactive due to fraud. It can be reactivated if the recipient calls back to provide account information, Taylor said.