Global Payments Data Breach: a wake-up call for the US on EMV

Last updated: 18 December 2019

In what is undoubtedly one of the biggest stories to hit the payments industry so far this year, Global Payments has confirmed that it was the victim of a data breach in January and February which compromised the security of millions of credit card details. As reported by Brian Krebs on Friday, the breach affects Mastercard and Visa cards processed between January 21st and February 25th this year by the Atlanta-based company.

In addition to the distress being experienced by the many millions of people across the US who are now uncertain about the security of their bank accounts, this causes a great deal of frustration among those of us who believe that America’s card payment infrastructure is way out of date.

As the world’s largest economy, it is astonishing that the US remains the only developed nation which is yet to migrate from magnetic stripe cards to EMV (or ‘chip and PIN’ cards). The Global Payments breach would be nowhere near as serious if the data stolen were from EMV cards as, without the chip element, the fraudsters involved could not produce clones of the cards.

This huge-scale breach (which it now appears will involve around 1.5 million cards) is surely the wake-up call the US needs to ensure that it moves from magnetic stripe cards to EMV sooner rather than later. It will not be an overnight process, nor will it be cheap, but compared to the potential cost of millions of cloned bank cards, it would be money well-spent.

Unfortunately, we are too late to stop the crisis unfolding at Global Payments, but if we act quickly and decisively to update our payments infrastructure, then we will be in a stronger position to ensure that such a breach never occurs again.