On October 17, 2014, before an audience at the Consumer Financial Protection Bureau (“CFPB”), President Obama announced the launching of the Buy Secure initiative. This initiative is designed to provide consumers with more tools to secure their financial information in the wake of massive data breaches among national retailers by assisting victims of identity theft, improving the Government’s payment security as a customer and a provider, and accelerating the transition to stronger security technologies and the development of next-generation payment security tools.
As the first part of this initiative, the President signed an Executive Order – “Improving the Security of Consumer Financial Transactions” – that takes critical steps to protect consumer’s financial security and confidence in the marketplace. Specifically, the Executive Order provides for:
(1) more secure government payments, requiring government departments and agencies to transition payment processing terminals and credit, debit, and other payment cards to employ enhanced security features, including chip-and-PIN technology;
(2) improved identify theft remediation, including new features for IdentityTheft.gov and efforts to cut down the time it takes for victims to recover stolen identities; and
(3) a process to secure federal transactions, mandating that all agencies making personal data accessible through digital applications require the use of multiple factors of authentication and an effective identity proofing process, as appropriate.
Other components of the initiative include:
- Cooperation between the federal and private sector. The President directed federal law enforcement agencies to share information with the private sector when they discover identify theft rings.
- Mechanisms for easier discovery of fraudulent charges. The CFPB is working with banks to make it easier for consumers to discover if fraudulent charges have been made to their account.
- Cybersecurity Summit. The President will bring together industry leaders and consumer advocates for a cybersecurity summit focused on protecting consumers using the next generation of mobile payment systems and devices.
- Continued Private Sector Engagement. The President called on the private industry to continue to do its part, announcing that the private sector is already deeply engaged in the effort. For example, a group of retailers representing more than 15,000 stores across the country pledged to adopt a chip-and-pin technology in the beginning of the new year; American Express pledged $10 million to replace outdated card readers at small businesses; MasterCard pledged to provide customers with free identity-theft monitoring and resolutions supports; and various financial institutions are making free FICO scores available to customers.
- Additional Legislation. Acknowledging that the launching of the new initiative was undertaken without Congress, the President also called on Congress to do its part and enact data breach and cybersecurity legislation.
The full text of the President’s remarks can be found here.