State attorneys general call for new technology in joint letter The biggest financial institutions in the U.S. are under renewed pressure to mandate the use of PINs with new chip-based payment cards.On Monday, the attorneys general of nine U.S. states sent a joint letter to the companies, urging them to adopt the technology as a way to reduce the effectiveness of data breaches and card fraud.Banks have issued millions of chip-based cards this year, bringing the U.S. belatedly in line with most of the rest of world, but while other countries switched to PINs as they introduced the cards, the U.S. has stuck with signatures as a second form of identification.The new cards electronically transmit one-time codes instead of card numbers when customers pay. That eliminates the risk of data breaches from malware in store systems like those that hit millions of customers at Target and Home Depot, but it doesn’t stop fraudulent in-store transactions from taking place. “There can be no doubt that this is a less than secure standard, since signatures can be easily forged or copied or even ignored at the point-of-sale,” the attorneys general wrote in their letter. “In order to better protect consumers, the chip-enabled cards issued in this country must be reinforced with the requirement that consumers enter a PIN to verify the transaction.”The letter was addressed to the CEOs of Bank of America, JP Morgan Chase, Citigroup, Capital One, Visa, Mastercard, American Express and Discover, and came from the attorneys general of Connecticut, the District of Columbia, Illinois, Maine, Massachusetts, New York, Rhode Island, Vermont and Washington. The attorneys general are often involved in cases involving data breaches, thus their desire to see financial card fraud reduced.Behind the reluctance of card issuers to force the use of PINs is the competitive U.S. financial services market. No bank wants to be the first mover in case consumers think remembering a PIN is troublesome and switch to other cards in their wallet that still allow signatures.Retailers, which have invested millions of dollars in new payment terminals to accept the cards, have been calling for the use of PINs for several months. On Monday, the Retail Industry Leaders Association applauded the letter, calling chip and PIN the “gold standard” for card security.“There simply is no honest explanation for banks to refuse to provide Americans with the same credit card security offered in Canada and Europe,” the group said. Related content news Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance Despite money pouring into programs around the world, training organizations have not managed to ensure employment for professionals, while entry-level professionals are finding it hard to land a job By Samira Sarraf Oct 02, 2023 6 mins CSO and CISO CSO and CISO CSO and CISO news Royal family’s website suffers Russia-linked cyberattack Pro-Russian hacker group KillNet took responsibility for the attack days after King Charles condemned the invasion of Ukraine. By Michael Hill Oct 02, 2023 2 mins DDoS Cyberattacks feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Security news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe