Judge rules that banks can sue Target over credit card breach; Value proposition of Apple Pay rises
A judge last week ruled that banks will be allowed to sue Target for negligence stemming from the retailer's gargantuan credit card breach from December of 2013. Nearly a year ago, Target disclosed that hackers, over a two and a half week period, made off with credit and debit card information from upwards of 110 million customers. In some cases, hackers also made off with personal customer information, such as names, phone numbers, and addresses, from Target customers.
Target of course isn't alone. A slew of big time retailers, from Home Depot to Neiman Marcus, also suffered embarrassing credit card breaches over the past year.
With banks, at least in this instance, now having the green light to sue retailers for credit card breaches, the value proposition for Apple Pay amongst retailers should be glaringly clear. As we've detailed before, the security mechanisms that govern Apple Pay are extremely robust and are at the forefront of an emerging global credit card payments standard. Simply put, it's not a stretch to say that Apple Pay is the safest way to make any type of credit card payment.
A massive credit card breach is an expensive problem to fix and has adverse repercussions for all parties involved. In addition to the requisite security reviews and updates retailers must make internally, not to mention the loss of consumer confidence, replacing affected credit cards in and of itself can cost banks hundreds of millions of dollars. With respect to Target, the New York Times recently noted that "the cost of replacing stolen cards from Target's breach alone is roughly $400 million."
Ars Technica writes on the matter:
The decision could lead to significant changes in the way the cost of fraud is distributed among parties in the credit card ecosystem. Where once banks and merchant acquirers would have to shoulder the burden of fraud (which is how they have long justified increasing Interchange Fees), now, potentially, the order from [Judge] Magnuson could pave the way for more card-issuing banks to sue merchants for not protecting their POS systems properly.
To be clear, retailers who accept Apple Pay are still prone to credit card breaches given that traditional credit card swiping isn't going anywhere. Still, a retailer's refusal to support Apple Pay might work against them in a case where banks are arguing negligence. At the same time, a retailer that supports Apple Pay could argue more convincingly that it is doing all it reasonably can to safeguard consumer credit card data.
The particulars of the Target breach are interesting, though, because the hack could have been completely avoided. The court ruling noted that Target's negligence stems from the fact that they curiously ignored security alerts from their own security software and inexplicably ignored specific warnings that suspicious activity had been detected.
Again, a key Apple Pay selling point is that the service, in addition to being convenient, provides an unparalleled level of security for consumers, banks, and merchants. It's why banks are heavily advertising Apple Pay in both print and national TV spots; they want to throw their weight behind a service that will minimize the likelihood of credit card breaches in the future.
As a quick example, Wells Fargo recently began running this ad for Apple Pay nationally. When's the last time you saw a bank advertise a payment service from another brand?
