Wells Fargo, America’s biggest bank by market capitalization, has apparently been scamming its customers by opening unauthorized deposit and credit card accounts for years. High sales targets and promises of bonuses prompted employees to commit illegal cross-selling–which is when you sell multiple products or services to the same customers. In fact, 5,300 employees have been fired for “inappropriate sales conduct” over the past five years.

On Thursday the Consumer Financial Protection Bureau (CFPB) fined the bank $100 million, which is the highest fine the federal agency has ever issued. Additional fines of $35 million and $50 million each are to be paid to the Office of the Comptroller of the Currency, and to the City and County of Los Angeles.

The director at CFPB, Richard Cordray, said in a press release:

Wells Fargo employees secretly opened unauthorized accounts to hit sales targets and receive bonuses. Because of the severity of these violations, Wells Fargo is paying the largest penalty the CFPB has ever imposed. Today’s action should serve notice to the entire industry that financial incentive programs, if not monitored carefully, carry serious risks that can have serious legal consequences.

Banking analyst Dick Bove said on Friday that it’s time to sell your stocks in the bank. He told CNBC: “What Wells has done is it’s saying that it’s treating customers badly, it broke faith with customers. There is no business in the world that can treat its customers badly and continue to expect to grow.”

To gain back the public’s trust after something big like this, especially with the 2008 financial crisis fresh in mind, Bove said Wells Fargo would need to do something drastic. For example, forgive all student loan debt. He said:

If you do that to customers who have student loans, they’ll stay with you for life. It requires something big, comprehensive and meaningful. Whether it’s that exact action or some other action that they come up with, I don’t know. I think it requires a significant step to re-establish faith with the consumer.

Many Twitter users reacted to the news.

“Hello Wells Fargo, I’d like to open a checking account, savings account and two credit cards.”
“You’re in luck. We’ve already opened them.”

— Fake Dispatch (@Fake_Dispatch) September 9, 2016

And one popular question is why no higher executives have been held accountable.

It’s weird how 5,000 front line Wells Fargo employees hit on similar scams without any wrongdoing by high-level executives.

— Matthew Yglesias (@mattyglesias) September 9, 2016

Essentially, employees at the bank boosted their sales by secretly opening new accounts and then funding them by transferring money from customers’ existing accounts. This often brought along additional fees and charges for the customers. It’s been reported that more than two million deposit or credit accounts were opened in this fashion. According to Reuters, employees were told that most customers used six financial tools but that they should push them into using at least eight.

According to CNN’s Douglas Rushkoff, the scale of these scams show that it’s not just the behavior of one bad banker, but rather a symptom of extreme capitalism in the banking world. Since banks make money from extracting funds from customers who want to invest or make transactions, they need to make sure those processes happen. During a time with slow growth though, the bankers need to create some kind of growth synthetically, out of fear of losing their jobs or missing out on a bonus. An easy way to do this is extract more money from people who already are customers, by offering new credit cards with higher fees or loans with higher costs or new terms that are worse for the customer but better for the bank.

Wells Fargo has been known for its ability to cross-sell multiple products to the same customers. In a statement on the bank’s website it said:

Wells Fargo is committed to putting our customers’ interests first 100 percent of the time, and we regret and take responsibility for any instances where customers may have received a product that they did not request.

Wells Fargo has issued a statement regarding definitive settlement agreements. Read more: https://t.co/tCMOlGkfln. pic.twitter.com/DSEjFC1BpA

— Wells Fargo News (@WellsFargoNews) September 8, 2016

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post How Will Wells Fargo Recover From its Fraud Scandal? appeared first on Law Street.

Happy Labor Day, Law Street readers. While enjoying a hopefully relaxing day, check out our top stories of the week.

1. Joe Scarborough Makes Awesome and Bizarre #AmnestyDon Music Video

Joe Scarborough, one of the hosts of the show “Morning Joe” really hates Donald Trump. Scarborough has slammed Trump on multiple occasions, beginning earlier this year, but seems to really have hit his stride with Trump-bashing this week. In honor of Trump’s constant nicknaming of his political opponents, Scarborough has given Trump a moniker of his own: #AmnestyDon. Read the full story here.

2. Impeachment Deliberations Begin for Brazil’s President, Vote Due Next Week

As the world’s attention recedes from Rio de Janeiro–which hosted the Olympic games earlier this month–Brazil’s President Dilma Rousseff is one step closer to being pushed out of office for good. On Thursday, Brazil’s Senate began deliberations regarding her permanent impeachment. A final vote will take place next week. Rousseff, 68, is currently serving an 180-day suspension, resulting from a Senate vote in May. Read the full story here.

3. Chip Cards: Making Credit Cards Safe Again?

By now, most people have become familiar with the additional hoop they have to jump through when buying things at the store. When you get to the checkout counter you do an awkward dance: do I swipe my credit card, do I put it into the chip reader, do I need my PIN, can I pay with my phone? The United States is currently in the middle of an update to its credit card infrastructure, an update that has been difficult for many consumers to navigate. What’s behind the recent changes and why have they just started now? Read the full story here.

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post ICYMI: Best of the Week appeared first on Law Street.

By now, most people have become familiar with the additional hoop they have to jump through when buying things at the store. When you get to the checkout counter you do an awkward dance: do I swipe my credit card, do I put it into the chip reader, do I need my PIN, can I pay with my phone? The United States is currently in the middle of an update to its credit card infrastructure, an update that has been difficult for many consumers to navigate. What’s behind the recent changes and why have they just started now?

History and Background

The technology behind the original magnetic strip card was developed as early as the 1960s, but credit cards didn’t become a mass technology until the 1980s. Before then, their use was largely limited to business people and frequent travelers. The main issue originally holding plastic back was the cost. Namely, in the United States transaction costs were relatively low, a few cents each, because they were conducted over phone lines. In Europe, however, transactions were not done this way, leading to much higher costs. And using phone lines was actually a step up from the initial way credit cards were authorized, through carbon papers. When that was the case, people could commit credit card fraud by simply digging through dumpsters.

The video below gives a detailed account of the history of credit cards:

Because the European credit card system was so susceptible to fraud, European companies needed a more secure way to process transactions. Stakeholders got together and began to develop an alternative. This alternative, chip card technology or the formal name, EMV, was unveiled in 1994 and became widespread by 1998 in Europe (EMV stands for Europay MasterCard Visa). Despite widespread usage of EMV technology in Europe and other parts of the world, it has been slow to gain traction in the United States. It was only in 2015 that American companies and merchants began a concerted effort toward adopting EMV.

Adoption in the United States

So why did the United States ultimately decide to switch to EMV cards in 2015 when the technology had been readily available since the 1990s? The primary answer is the recent surge in credit card fraud, starting with the massive hack at Target in 2013 in which millions of credit cards were stolen. This hack, along with several other high-profile incidents, revealed the truth. Namely, companies were trying to secure customers’ data in the 21st century with cards from the 20th. The accompanying video looks at why the United States switched to EMV and what it means for cardholders:

However, the recent change was not the result of a top-down mandate from the government. In fact, the effort was led by a private group of credit companies including American Express, Discover, MasterCard, and Visa. The 2015 deadline was not a concrete point of no return, but one created by the same credit card companies. While companies did not have to meet the deadline by law, the liability for card-present fraud would shift to those who do not comply with the new technology. In other words, if a company or a bank did not adopt the EMV technology by that date and was the victim of fraud then it was on the hook for the cost.

While retailers had until 2015 to comply, automated gas dispensers have until 2017. Likewise, ATMs also have a little extra time–Mastercard and Visa ATMs must make the shift by October 2016 and 2017 respectively.

Advantages of Chip Enabled Credit Cards

Aside from following in Europe’s lead and satisfying the requirements of credit card companies, the EMV cards offer a number of advantages over traditional cards. First and foremost is security. Whereas traditional cards have one magnetic strip that can be easily copied onto a fake card, EMV cards do not. Instead, the EMV cards utilize the chip embedded in the cards, which creates a different transaction code for each purchase. As a result, if someone manages to get that transaction data, the code is unique to a specific transaction and cannot be used again for future purchases.

EMV cards work in two ways. They can be dipped into a machine, where they have to be held for a few seconds longer than it takes to swipe a traditional card. The card can also be held up to a contactless device, however, these devices are more expensive and less likely to be available as the technology is only now entering the American market.

Another distinction for these type of cards is the actual transaction process. Most of the models in the United States will be the traditional swipe or dip and then sign. Currently, most new credit cards have both a chip and a magnetic strip in case a store’s technology has not yet been updated, but in the future, cards will likely only have chips in them. There is an even more advanced version that requires consumers to enter their PIN numbers after dipping the card, but it costs more and is less likely to be seen in the United States anytime soon. In fact, this type has almost been discouraged as the major credit card companies that initiated the switch to EMV cards did not require them to be “Chip and PIN” models.

The video below from Mountain America Credit Union looks at the chip card and some of its advantages:

Disadvantages of Chip Enabled Credit Cards

Even with the deadlines, adoption of the EMV cards has been a slow process. By 2015, 25 percent of new cards issued were EMV. By the end of 2016, a year after the deadline, that number is projected to be only 75 percent. While part of this is due simply to technological limitations and the difficulty small banks can have when switching up their technology, there is more to the story that just that.

Namely, the switch will be very expensive. Updating the millions of traditional card readers will cost approximately $7 billion. On top of that is the cost to replace the cards already out there, which is estimated to be another $1.4 billion. Last, there is the cost  to replace ATMs and old software so that they can read the new cards, a change that may cost up to $500 million.

Although the chip cards’ chief advantage over traditional cards is safety, they are far from hacker-proof. Now instead of targeting the cards themselves hackers can target the machines that read them. Specifically, criminals can drill or even insert devices into card readers that are able to read the information protected on the cards. Using this information, thieves have been able to make counterfeit cards with magnetic strips and use them in places that do not have the new technology.

On top of security is also the issue of privacy, as the new cards also transmit a large quantity of data. Information, like a person’s present location, may become available if the card is hacked. Lastly, the cards are slower to process and many of the merchants required to make the shift either do not understand the technology or its benefits.

Finally, while it is not the fault of the cards themselves, experts suggest that stiffer security from the new cards will lead to greater rates of card-not-present fraud like online transactions. While these cards may improve security for in-person transactions, fraud may simply move elsewhere.

Conclusion

EMV cards have long been popular in Europe and other markets, yet Americans have been resistant. But that resistance crumbled when a series of hacks revealed how easily credit card information could be obtained. The new chip cards do offer advantages, most notably in terms of security. However, they also have a number of disadvantages and will not get rid of fraud altogether.

Not surprising then, even following deadlines for adoption required by credit cards companies, many American merchants have been slow to endorse them. Additionally, American consumers have also been slow to embrace the new technology due to its slower transaction times. Nevertheless, EMV technology is likely here to stay and will soon become the dominant form of credit purchasing. There will undoubtedly be a number of hiccups in the short term as the technology’s flaws are exposed. But ultimately, those same flaws are likely to be addressed and, in the end, just might make the average American’s wallet a safer place.

Resources

Iovation: The History of Credit Cards and How EMV Will Change Things

USA Today: Where is the EMV Card 10 Months Later?

CreditCards.com: 8 FAQs About EMV Credit Cards

Nerd Wallet: What Are the Downsides to EMV Technology?

Payments Source: EMV Tech in the U.S. Is Still Too Slow and Expensive

Gizmodo: How Criminals Can Easily Hack Your Chip & Pin Card

Computerworld: EMV Smartcards Offer Security Benefits Even Without PIN, Visa Says

Michael Sliwinski

Michael Sliwinski (@MoneyMike4289) is a 2011 graduate of Ohio University in Athens with a Bachelor’s in History, as well as a 2014 graduate of the University of Georgia with a Master’s in International Policy. In his free time he enjoys writing, reading, and outdoor activites, particularly basketball. Contact Michael at staff@LawStreetMedia.com.

The post Chip Cards: Making Credit Cards Safe Again? appeared first on Law Street.

December was a bad month for anyone who didn’t want their personal information leaked to hackers or other third-party sources.

Retail giant Target had a problem about two weeks ago when 40 million customer records were stolen. The information contained on the records included names, credit and debit numbers, expiration dates, and security codes. The hackers with that information could easily use it to make fraudulent purchases on customers’ cards.

Popular messaging application Snapchat released that several million of their users’ usernames and corresponding phone numbers were leaked late on New Year’s Eve. There’s actually a site to check if your username was leaked, and it provides tips on how to handle it if it was. If your username was breached, it means that your phone number could be given to spammers or the like.

Skype was also recently breached by the Syrian Electronic Army, a hacking group. Skype has reported, however, that no user information was stolen or lost.

Obviously a breach involving credit card information and a breach involving usernames and phone numbers seem very different, but the truth is that they’re both notably problematic. They indicate a reliance we have on technology that is utterly new to our time, and because that reliance is new, ways to steal from us have also evolved. Everything can be done online, from banking to applying to college to planning a trip. And it’s easy to do those things, it’s easy to trust a site when they say they are secure. But we have to remember that every time we provide our information, there is the possibility that it makes its way into the wrong hands. And retailers have to realize that storing information online can be just as dangerous for them as for a teenager using Snapchat.

The types of breaches that we saw this month definitely aren’t new, and they aren’t the worst in recent history. TJ Maxx Corporation actually had a similar incident in 2006, but instead of 40 million customer records lost, it totaled about 90 million. And in 2009, Heartland, a credit card processing system, had 130 million records stolen.

The former chief security officer of Heartland, Steven M. Elefant, made an important point about security breaches and theft propagated through the internet. He stated, “it’s a game of cat and mouse. We’re dealing with sophisticated bad guys that have many ways to attack.” New security features can be installed and developed. But for every new feature that is developed, a hacker will probably be able to find a way around it. It might take time and effort, but it’s possible.

There are some solutions that could be put in place, but they might be logistically complicated. In Europe, smart chip technology is used. The United States use magnetic strips to hold information, but European cards usually little chips that are much harder to counterfeit. Since the smart-chips were implemented in Europe, fraud and theft have declined. The JobsUnited States seems to be stuck in a time warp. Most of our allies and trading partners use smart-chip cards, but we use the strip cards that were invented in the 1960s. As a result, by October 2015, new chip card standards will be put into place by most major credit card companies, like Visa and MasterCard. While this won’t completely eliminate fraud, it should make some impact.

—

Anneliese Mahoney (@AMahoney8672) is Lead Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

Featured image courtesy of [Brian Klug via Flickr]

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post A December of Hackers appeared first on Law Street.