Leading trade associations representing the merchant and financial services industries announced a new cybersecurity partnership.
The partnership will focus on exploring paths to increased information sharing, better card security technology, and maintaining the trust of customers.
Discussion regarding the partnership was initiated by the Retail Industry Leaders Association (RILA) and the Financial Services Roundtable (FSR), joined by the American Bankers Association (ABA), the American Hotel & Lodging Association (AH&LA), The Clearing House (TCH), the Consumer Bankers Association (CBA), the Food Marketing Institute (FMI), the Electronic Transactions Association (ETA) Independent Community Bankers of America (ICBA), the International Council of Shopping Centers (ICSC), the National Association of Convenience Stores (NACS), the National Grocers Association (NGA), the National Restaurant Association (NRA), and the National Retail Federation (NRF).
“We are committed to working together to ensure customer personal and financial information is secure and protected,” said Tim Pawlenty, CEO of FSR. “Exploring avenues for increased information sharing and collaborating on innovative technologies and safeguarding data will be critical in defending against common enemies.”
“Retailers place extraordinarily high priority on protecting customers’ personal information,” said Sandy Kennedy, president of RILA. “This partnership will improve collaboration across the payments ecosystem allowing us to work together to develop near-and long-term solutions that will enhance security for our customers.”
“Cybercriminals are becoming more sophisticated, and recent events underscore the urgency to update the payments system and protect customers against recent and future threats,” said James Aramanda, president and CEO of The Clearing House Association and Payments Co. “Customers deserve a proactive approach—like the Secure Cloud tokenization initiative to protect consumer credentials that The Clearing House and its Owner Banks have undertaken—by banks and retailers alike to address these real and evolving threats. This cyber partnership is consistent with such an approach and marks an important step to provide for collaboration, continued innovation, and dynamism among all the relevant stakeholders to ensure that customer data will be safeguarded.”
“The U.S. hotel industry is committed to protecting the confidential data of our customers,” said Katherine Lugar, president & CEO of the American Hotel & Lodging Association. “We look forward to working with merchant and financial groups to advance measures to further enhance data security.”
“This is a positive first step toward addressing a complicated set of concerns shared by everyone involved in payments. Consumers expect both that the payments system will protect their sensitive information, and that they receive the convenience they’ve come to expect while using their credit or debit cards,” said Frank Keating, President and CEO of the ABA. “With all stakeholders at the table— including community banks, large banks, networks and retailers—we have a real opportunity to find solutions and continuing opportunities to meet the threats posed by cyber thieves.”
“Customers are counting on everyone to keep their data safe and secure. It’s critical to recognize that the real enemy here is the hacker,” said Richard Hunt, president and CEO of CBA.
“The food retail industry, with its rich history of a vigorous connection with its shopper, stands ready to work with all stakeholders across the payments chain— processors, credit card companies, equipment manufacturers and banks—to find real improvements in increasing customer data security. We welcome this cross-industry partnership,” said FMI President and CEO Leslie Sarasin.
“Issuing banks, payment processors, networks, merchant acquirers and merchants- all share two things in common: customers and protecting the payment system. This partnership embodies these shared commitments,” said Jason Oxman, CEO of the Electronic Transactions Association. “We look forward to working with our partners to protect and strengthen payment system that processes almost $5 trillion in purchases each year.”
“Data protection is a shared responsibility of everyone involved in the payments processing chain,” said Camden Fine, president and CEO of ICBA. “Consumer confidence in the payments system is vital for retailers, networks, processors, telecom providers, and card issuers and is at the heart of the customer-bank relationship.”
“The solution needs to be through cooperation. We hope that this partnership will be a constructive step in helping to create a pathway to improved consumer confidence,” said Jennifer Platt, vice president of Federal Operations at ICSC.
“Everyone, from the smallest to the largest businesses, has an interest in keeping our customers’ payment data secure,” said Henry Armour, president and CEO of NACS. “Working collaboratively across industries to find ways to thwart data thieves is the best approach to protecting customers’ information.”
“Independent grocers take protecting our customer’s information very seriously. We look forward to working together with our industry partners and stakeholders to enhance cybersecurity measures, prevent and prosecute criminal attacks, and importantly to protect the trust that our customers have in their independent grocer,” said Peter Larkin, president and CEO of the NGA.
“The restaurant industry has long sought a constructive, open dialogue with the financial services industry on the path forward toward creating a more secure payments environment for all stakeholders in the payments system. Our customers and their financial and personal data are of paramount importance to us, and on behalf of the nation’s restaurant industry, we are pleased to be a part of an effort that acknowledges that there is a shared responsibility between the financial sector and the retail sector to solve these issues together,” noted Dawn Sweeney, president & CEO of NRA.
“This partnership is a positive step in the right direction, since there is no single solution to the complex issues surrounding cyber security. That is why it is important to bring stakeholders together as we seek answers, share solutions and implement programs that not only prevent hackers from breaching data systems, but protects the consumer by shutting down these criminal enterprises,” said Matt Shay, president and CEO of NRF.
Payments occur in an ecosystem of retailers, banks, card companies, processors, security and technology vendors and others. The ecosystem operates best when cyber threats are addressed collaboratively and each stakeholder does all it can to reasonably ensure the defenses of their internal systems are as robust and resilient as possible. The partnership will encourage collaboration across the industries, focused on the following principles:
· Information sharing is paramount to warding off cyber attacks and protecting data. We are stronger together than divided and must warn each other about cyber threats being waged against all our defenses. The financial services industry has a robust information-sharing mechanism through the Financial Services Information Sharing and Analysis Center (FS-ISAC) that could serve as a forum or model for further information sharing across sectors.
· Other innovative technologies must be implemented, such as systems that will transmit payment data in a way that is unique and dynamic to reduce the risks. Ongoing innovation will be needed to outpace the threats.
· We must forge partnerships among all stakeholders of the payments ecosystem to collaborate on long-term, comprehensive solutions to the threats that are growing to card-not-present situations and the mobile environment.
The companies welcome the participation of any other organizations committed to advancing these goals.
The participating trade associations will form working groups made up of themselves, member companies, and other stakeholders. The working groups will be focused on increasing threat information sharing, innovative technologies that adds safeguards to protect consumers within the payment system and other areas like national data breach laws. While this forum will serve as an effective way for the industries to discuss areas of agreement, equally important, this forum will be a platform to discuss areas of disagreement and seek solutions.