There is an organization governed by visa and mastercard. They control the technology that is the backend for these smart chips. One of our Lessons Learned early on is they manage the process well. Its an indicator that we have huge concerns about them being involved in transitioning the u. S. To digital and mobile commerce in the future. Thats one of the biggest lessons and takeaways for merchants who have had to rely on the companies for this major transition. Some members of congress of started to look into this and how its organized in governed. We need to ask why we dont have a more robust four pin here in the United States. There are branches of the Federal Reserve studying security who point to the development of standards which they directly and explicitly reference. It may result in lesser security as well as competitive disadvantages for other companies. We have seen that happen here in the u. S. What does this mean . We do believe that merchants will get there eventually. The certification will happen. Its not happening in a timely fashion for a lot of people. I have merchants who have 800 locations in the u. S. Who have not been able to get certified. Were talking about a sub set thats been able to fully deploy. We are going to disagree about small merchants. This is great for a food truck or small business. When you look at a simple independent operator Grocery Store, you cant have an outofthebox solution. Youre still going to integrate your pointofsale. This is not really realistic, even for a small independent perator. We talked a lot about what the liability shift means. I think its important to know that merchants are covering a lot of the losses. Thats something that could have been helped by putting pins on all of these roducts. We see a huge shift in sales to ecommerce transactions and mobile commerce. Thats a good thing for the economy. A lot of those losses being born in that channel are by the Merchant Community. We have this counterfeit liability shift which ranks were covering most of the fraud before. Now we see a lot of that transition to the merchant, which is creating strain on smaller businesses. Even some of my Large Businesses with 800 stores are trying to see 1 million in chargebacks every week. I think it is important to note that merchants are bullish because the charge process itself is a byproduct of signature card environment. The network rules are managed by be sarah and mastercard by visa and mastercard. It shows that charges are not accepted on pin transactions. When we look at it deeper, it is improved security. They noted last summer that when you look at the method equally pinbased products, they had the lowest fraud. That is a huge indicator that it is working internationally. There are several folks who agree, in addition to National Banks and companies, the fbi and the new York Department of Consumer Protection and they noted the added benefits of the security. Another good example for the pin initiative in australia is where the customers and companies came together a couple of years ago to educate participants in the economy about the mandated pin on transactions at most merchants. The one exception being that Quick Service restaurants and other low risk, low dollar and small ticket type of merchants, where they basically said under 35, maybe you do not have to ask for a pin, but it makes sense from a policy perspective because all the banks issuing pins on them, if for some reason it is midnight at the drivethrough and they want to ask for a pin, they can because it is on the product. In the u. S. , if i have a customer and i say i do not like to lock my smartphone with a pin, i will not use my credit card because i got in trouble the last time i did that at least hide it a little bit. If i say, i dont think i will lock my pin, apple will come in and say, i will not enable for any customers who want to put a pin on this fund protected and that would be the same as what banks are doing by not putting pins on their products. I think it is a backstop for us oward innovation in the u. S. I went to close with one other quick piece that we have not talked about and im sure most of you may not have it on your radar unless you pay emb debit. I noted challenges we have with certifications, and we will get there, but there are challenges. Scott is right. If a merchant wants to program their pointofsale and process emb a certain way, they can do that. In order to be pin preferring, they now have to go through this added step, which they did not have to do before when you could wrap transactions in a striped and a Magnetic Stripe environment. There is a new screen prompt and i will put these outs of folks can take a look, but ssentially, it says here we are seeing this popped up as a certification process that merchants who rollout emb at the point of sales. It has caught a lot of folks off guard and it was slowing down time at the checkout only cannot figure out why. People realize the screens were there and it is disingenuous in the sense that this and companies who said they did not want to put pins and products in the United States are adding a layer of complication to emb, which is already complicated process for consumers. In this sense, where customers select debit, that will route a signature transaction, leaving Small Businesses more open to liability on chargebacks and the less secure transaction. We have sent Major Concerns with this. We think it is disingenuous at this point of sales when we are not doing the simplest things we can to protect consumers. Thank you very much. Now, were going to move to steve. If you will issue your thoughts. Thank you. Thanks to the energy and commerce staff for securing this room. It is much appreciated. I am the president of the American Consumer institute at 501 suite 3. Look at a lot of issues from technology to insurance regulation, and it is good to be here today and talk about some financial and credit card issues, including the problem with fraud. Starting up at a very high level, as we look at this, it is a bigger problem than all of this, but let me scroll down. We know that there are multipronged threats that affect americans, american businesses and consumers dealing from hackers and fraudsters that affects this is, government and consumer that affects business, government and Consumer Information. Whether it is from nations, select government information, personal data on consumers and taxpayers, corporate espionage, the hackers received out of you in this and similar to this, what we are seeing is the value of Financial Information and that brings us down to it we are looking not what we are looking at, which is intermediaries and consumers are targeted week as of the big value of the transactional information and what it has, including Credit Card Bank information. Financial fraud is a major problem. On the whole chain of everything i addressed, it is another example where we are not doing enough and we need to do more about as liz stated about the credit card fraud issue it needs to be fully addressed. 30 million American Consumers were affected in 2014 by credit card fraud. If we look at the u. S. Worldwide card volume, about 24 , more than twice as that is a share of credit card fraud in the u. S. The fact is the u. S. Is this a portion in the affected when you look at other countries were over 10 years, 12 years in major western where they have ad a pin option, so what i see is sort of one of the simple steps to get it toward addressing this issue, and it is going to be continuous issue because hackers are this sort of stagnant group. They are very dynamic and they will figure out the next trick. If the trick is online or whatever, the thing we need to understand is that shape and pin chip and pin is a reasonable solution, can reduce the profits out there that people seem credit card fraud, simple, lowcost solution and an immediate solution in terms of implementing the chip and pin. The Federal Reserve data, which is mentioned couple of times, there is one statistic that shows that the credit card transaction could be made 700 more secure, up to 700 more secure if a pin number had been included. We heard earlier that there is 2. 5 million chip and pain in use in the federal government, so they have taken the step, and it is a step that i have not seen the private industry move toward. Why dont we have chip and pin . Why is it not in the u. S. . One of the simple answers is that consumers are not smart enough to remember a payment number, but remember a pin number, but when i turn on my cell phone, ipc, a lockbox, my garage door opener, i go to banks, thanks love paint numbers. If you love pin numbers. The first thing they do is push the keypad toward you to put in pin number. Bottom line is atms require pins because banks are liable. Debit card, by the way a debit card requires pins because banks are liable, but credit cards, they do not require pins. It is because, simply, the banks have shifted the liability, as mentioned, to merchants. Had the liability stayed on the issue in banks, we would be using pins today. What it gets down to his banks are not liable, so shouldnt they be indifferent about all of this . Why would they care . We are hearing arguments against pins. Why . Because there is money in it. They earn more on the chip and signature transaction fee then they do on the chip and pin transaction fee, so on the one side, they should the liability to somewhere else. If it is fraud, they are protected than the other side because Older Technology benefits from the transaction. The bottom line is the chip is better because of stopping counterfeiting, but the other side with what the pin does, if i drop of this, they could easily forge or scribble something. What the pin does is eliminate that, even online. A simple Solution Online is if you opt into it to get a text back and they send you an option and it gives you a pin number and you put that Number Online and it eliminates fraud in that manner. Look, it is not the panacea. We know things are going to change down the road. There are mobile actions that may become dominant in five years or seven years. Right now, we have a simple, lowcost and immediate solution for credit card fraud, and that is my position and i am sticking with it. Thanks. I think you made a good point about pins and the fact that we use a pin so often and every day. I just cannot imagine going to an atm and putting in our card and not entering the pin. That would be a total lack of ecurity for all of us. I went to state clearly before i go into a couple of questions for our panelists to see if any of you want to respond to anything that has been said so ar from the panelists . She is clearly looking at me, so i will take this. N the pin, a couple of things. From my standpoint, eta is agnostic with respect to pin. We believe in chip and choice. We want them to be able to cite themselves, whether that be in, ignature or nothing. Y cab ride appear this morning did not ask for anything. It just took my card. Reboot merchants should have that choice. A merchant, consumer or bank has the ability now to require a pin in their system. The networks can handle it, the banks can issue it and you will find 20 that have the pin. There are merchants that are moving toward a pin. The federal government asked for a pin. Pin is great for getting cash back at the store. It is not so great that the toll booth or drivethrough, so each merchant has a different profile and they have to decide if they want to require pin or not. If you sell high ticket items, you might want a pin, but it is up to the merchant and the technology largely exists for them to do that. Pin also has challenges with implementations which is two thirds of merchants do not have the pin pad. If you would like them to do that, you have to purchase a pin pad. Pin has strengths and weaknesses. There has been a lot of discussion about other technology out there. One of the challenges for pin is that it becomes a target for thieves. If a thief gets your pin, they can drain your bank account. We have seen atm fraud up in the last year in england and europe, where they use pin a lot, we have seen it increase and they can target your pin. Pins are usually four digits, so there are only so many combinations, i guess you could say 10,000 if you want to make 0000 into a pin. It is not hard to crack. What might make more sense, instead of a pin, a static number that never changes, our dynamic ones. Other things available now, biometrics, thumbprints, that is a form of a pin. That is more secure than a static number. We are using selfies, voice recognition, i dont think we have ruled out retinal scans yet, but all of these technologies are Getting Better and better. When you talk about Online Transactions, there is another technology being deployed. It is a way to secure your ransactions online as a way to help reduce online fraud, so there are pros and cons to pins. You need to weigh all the costs and factors for each merchant. We are chip choice, it should be up to the merchant to decide what to use. Thank you. Thank you. I see you are jumping in. I agree that it would be great for the merchant to ecide. Chip and choice, as it has been coined in the u. S. , is not that. To have a choice whether or not we have a pin has to be there. It is not there right now. We are deep talked about the added we already talked about the added security. Whatever the device or medium may be with some type of pin, i think that is what scott and i can agree that pins may not be the say all and end all, but it is the best thing we have got there at market today. I think biometrics has its own challenges. A pin is more dynamic because you can change it. If somebody lifts right thumb print, which is a common thing to do, you can steal those easily, i am not going to cut my thumb off to protect my financial data, so there is real questions on how effective hey are. I am not saying that they may not be the future rate they might in fact, but there is a lot to be determined there. Going back to the chip and choice, i worked at the National RestaurantAssociation Prior to that. Talk about one of the most challenging environments. The last thing you want is somebody holding out this pin machine reaching out of your car window. Maybe it does not work there, but lets go back to my example at midnight at the drivethrough. If somebody is ordering 200 worth of gift cards at 100 worth of hamburgers, i may be suspicious about the transaction. For me to have that choice, the pin has to be on the project, which is not the roadmap we have chosen the u. S. I think it is important for ecommerce transactions, too. We had the last g20 nation to go to emb. Because we have done this so late, we had all the more opportunities to improve the experience with better technology. One of those being the ability to ask for pins in an ecommerce environment. I had a couple merchants role that outlasts year, and they are not seeing the benefit because some of the Card Networks and issuers have not agreed to support that technology for Online Ecommerce transactions, so i think we need to get better at that and moved to support those enhanced technologies when they are there. I want to make one more comment can i use your swipe things . This is unique. We talk about food trucks top of examples, but even that independent Grocery Store operator, all of that hardware in the u. S. Has pins on them but it is a matter of programming software. You will be hardpressed to find anything outside of these examples that will not accept a pin going forward. Steve . Steve i dont have much to say on this other than in terms of losing your pin number, it i lose my card, it is not inscribed on it. If i lose my card and my signature is on it, you have made. Here is that these and it is much easier to look at my signature and force it then to find the card and somehow know my pin number. Second point, it is easy to have a situation where may be three false pins leads to a lockout and notification to the customer, so that is a simple way to make that 10,000 unique numbers somewhat hard to guess. The last thing, i am not sure how comfortable i would be, and may be time of tell, but to hare my biometrics up on a server somewhere where somebody can crack and get my information. I am not sure im comfortable doing that right now and may be biometrics is for the future, but i think the chip and pin is something to deal with now rather than trying to think ahead. I would much rather not have my biometric information sitting on the server when i do not have control over it. Thank you. This has been a good discussion. I think we have great points out here. Scott, you brought up some of the future that we can look toward for verification and i think it is interesting to take a look at what some of those opportunities might be, and i think it is looking at what is available now, which is pins, and looking at what is available in the future, which may be excited for consumers for verification of protection. Liz, i wanted to turn to you for a moment. You did bring up some of the challenges that have been faced with this certification process. I wanted to ask you if there have been any other challenges in the road, ones that have followed months that have followed october 1. If you wanted to highlight anything else . Liz in addition to what we said, we had inadequate timelines in the u. S. I understand that there is a real need to protect fraud, and we all talked about with the global numbers looked like and what the u. S. Numbers look like compared to the global numbers, and it is quite a challenge on Large Businesses, midsize to Small Businesses, not talking about the food truck example, but some of the larger merchants in the u. S. , and it has created a financial strain because there was not a roadmap to get it ready by that october 1 dates. We would love to further investigate what the impact has been on those businesses an