Credit Card Companies - Arrogant, Cheap and Incompetent

Credit card companies are not my favorite capitalistic entities. They promote a better life style, charge outrageous rates, take advantage of the disadvantaged, corrupt the political process and hurt far too many people. They are bottom feeders who are no better than a thuggish street corner loan shark. If credit card companies could break your leads for non-payment, they would. What makes credit card companies indistinguishable from many other avaricious companies is when things go wrong, they use words to pave over their short comings. They attempt to make it sound innocuous.

This past week Visa and MasterCard revealed that data has recently experienced 'unauthorized access'.'Less than 1.5 million' credit card holders information had been misappropriated by illegal means. And, glory be, the 'incident had been contained'.

Let's translate that for the real world. The information was not 'misappropriated' is was stolen. It was stolen by people whose intent is to engage in illegal activity. They will steal from other businesses and attempt to pin the blame on innocent customers of MasterCard and Visa. Thus 1, 500, 000 honest, hard working people will now face the daunting task of making sure personal information, money and their credit rating is not ruined by criminals. Visa and MasterCard then use the word 'contained' to imply they have it under control and not to worry.

They don't have it 'contained'. The reason for this 'breach' was simply they had subcontracted work out to an independent processing company. Rather than pay to had the job done right, these companies choose the path of least resistance, i.e. cost. When the path of least cost is used, the chances of a 'breach' is accelerated. To contain incidents of this nature, companies like Visa and MasterCard will need to accept the responsibility of what they do and pay the price. Isn't that what they are selling? They want their customers to be responsible and pay.

Let's take a closer look at this 'incident'. The independent processor was a company called Global Payments. The breach occurred between January 21 and February 25, 2012. Hmm, really good security, it took the company over a month to realize it was being hacked. And don't you find it odd that this is all coming to light a month after the fact? Glad to see these folks were so upfront about the potential damage done to so many people.

There are two other issues. One, the security, as defined by the Payment Card Industry Data Security Standards (PCI-DSS), a real industry wide standard for protecting customers, is woefully inadequate.
Additionally, the credit card industry has accepted these breaches rather than employing better security measures simply because in the cost-benefit analysis, it is cheaper. Switching to 'smart cards' which will protect customers is too expensive, so the companies eschew the idea. It is obvious the industry has decided to 'triage' certain customers, without their knowledge, in their pursuit if a better bottom line. Funny, I don't recall every seeing that warning in all that print these companies use to protect themselves.

Oh, one last point, Visa, MasterCard or Global Payments have yet to issue an apology. Arrogant, cheap and incompetent. Credit card companies at their very best.