SECURITY EXPERT BELIEVES BANKS, NOT MERCHANTS, SHOULD 'OWN UP' TO RESPONSIBILITY TO PROTECT DATA
January 01, 2007DATA: The data breach confirmed by TJX Cos. today is "quite serious" and looks to be organized, suggests Avivah Litan, an analyst at Gartner Group. She believes the payments industry needs to recognize that it may be more cost effective to change the payment system than ask 5 million retailers to comply with PCI data-security standards. "It's getting old to keep blaming retailers," she says. "The banking industry needs to own up to this problem and take responsibility directly instead of shifting it to retailers." Litan suggests using single-use PINs for each debit or credit card transaction as an alternative. That, she says, would make stolen card information useless.