Chip and sign isn't enough, home improvement retailer says.
The lawsuit alleges that the credit card security isn’t strong enough, leaving both retailers and customers vulnerable to hackers, the Washington Post reports. This lawsuit is likely a reaction to a data breach at the home improvement company in 2014 in which hackers gained access to 53 million customer email addresses.
Home Depot is calling for the two credit card companies to implement two-factor authentication, meaning that in addition to having a card present during the transaction, consumers would also need to provide a Personal Identification Number. Currently, all one needs to confirm a purchase is a signature and, as Home Depot points out in its lawsuit, “Signatures can be copied or forged, and cashiers are not handwriting experts trained to identify forged signatures.”
“Regardless of how the cardholder’s identity is confirmed, the chip makes data much more secure, rendering it almost useless to create fraudulent cards or transaction,” a MasterCard spokesperson told Fortune, referring to the chip technology that is becoming more popular in the U.S. Home Depot claims that, even with that technology, cards are still less secure than those in Europe and some other areas abroad.
Walmart filed a similar lawsuit against Visa last month. After doing so, a spokesperson for the retailer told the Post, “PIN is the only true secure form of cardholder verification in the marketplace today, and it offers superior security to our customers.”
Home Depot accuses Visa and MasterCard of being “more concerned with protecting their own inflated profits and their dominant market positions than with the security of payment cards used by American consumers and the health of the United States economy.” The lawsuit states that the fraud U.S. retailers and customers incur is “unrivaled.”
Visa could not immediately be reached for comment.