U.S. Bank Looks Past EMV-Chip Cards as It Evaluates New Security

As banks move through the "methodical process" of reissuing cards to customers whose data may have been compromised in the recent Target data breach, they are also studying the best security options for the future, says U.S. Bancorp CEO Richard Davis.

"One of my concerns is a chip, an EMV [chip], is not necessarily the end point. It's just another step in the journey," Davis told analysts Jan. 22 during the bank's 2013 fourth-quarter earnings conference.

Major card brands have set October 2015 as the deadline after which U.S. retailers will face an increase in fraud liability if they cannot handle payments from EMV cards, commonly called chip-and-PIN cards in other countries.

The chip-based cards make it far more difficult for hackers to create counterfeit cards, but they do not address security in card-not-present transactions such as e-commerce.

Davis also serves as the chairman of the Clearing House, which supports the banking industry with payment processing and other essential financial services.

The Clearing House is currently working on tokenization, a method of obscuring card information by replacing it with a limited-use token, Davis says. Other options include encrypting data and storing it in the cloud.

As banks consider other options, they may have to collectively "leapfrog" EMV and get to a more "provocative outcome," Davis adds.

The path may become clearer in the next couple of months, Davis says. "But I think there's one school of thought that says let's put all of our energy on the more sophisticated endpoint of mobile banking and cloud encryption."

However, others may say the industry should move quickly to EMV and study other options later, he adds.

"We will be open to either one because we are an acquirer, we are an issuer, and we are deep in the conversation," Davis says.

Banks will keep a close eye on political and regulatory reviews of the EMV migration and other processes as the industry moves toward the 2015 deadline, Davis adds.

"I do think in the next 90 days we will have a better sense as this settles and people decide where the risk is," Davis says.
