Consumer Reports’ new special report “Your Secrets Aren’t Safe” takes a look at data (in)security and how consumers’ most private information is often under attack from hackers, no matter where they are.
In the wake of what seems like constant data breaches affecting millions of consumers—Target, Neiman Marcus, and Michaels, just to name a few—it may seem like there’s not a whole lot that consumers can do to protect themselves. That may be why 62 percent of respondents in a recent Consumer Reports National Research Center national survey of 3,110 online consumers said they had done nothing to protect their privacy on the Internet.
But it’s not only consumers who need to take action. There are solutions available now that companies and lawmakers could act on to improve data security.
Consumers Union, the policy and advocacy arm of Consumer Reports, is continuing to call for stronger protections for your personal information. We recently testified at a Senate hearing in support of two important reforms that could help put some hackers out of business.
Better payment cards. One lesson from the recent breaches is that the magnetic-stripe, swipe-and-sign payment-card system used in the U.S. is a security nightmare. Such cards are easy to duplicate using stolen credentials and inexpensive card printers. Retailers and card issuers throughout much of the rest of the world use payment cards with an embedded chip that requires a personal identification number at the point of sale. The cards are not foolproof, but they are more secure. Target announced in late April that it’ll use MasterCard chip-and-PIN technology in its Red payment cards. Visa and MasterCard are in the process of converting to chip security (with chip-and-PIN or chip-and-signature security). Merchants must convert to the new system in 2015 or be held liable for the cost of fraud.
National standards for data protection. Today, 47 states have laws governing how and when companies must inform customers of a data breach. That’s confusing and offers uneven levels of protection to consumers in different states. Several bills before Congress propose national standards for data protection and notification, but legislators will have to reach a consensus on what that means. Until federal standards are developed, consumers should check with the National Conference of State Legislatures to see what their states’ breach-notification laws say.
It’s unfortunate that it took these breaches to get companies to commit to doing better, but now is the time to act so we can prevent the problems before they happen. To learn more about what you can do to better secure your information, check Consumer Reports’ guide to Internet security.