• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

Virginia Becomes First State To Mandate Advanced Credit Card Security for State Agencies

May 10, 2015 By Privacy, Cyber & Data Strategy Team

On May 5, Virginia Governor Terry McAuliffe signed Executive Directive 5 (2015), which requires the state’s technology and finance secretaries, treasurer and comptroller to update Virginia’s main purchasing card program to include advanced chip-and-pin technology by December. The Directive notes that many of Virginia’s political subdivisions and authorities have already converted purchase card programs to chip authentication technology.

In addition, the Directive requires the state’s Treasury Department to provide a plan to the governor’s office by October 1 of this year detailing its efforts to enhance the security features of merchant and prepaid debit card programs to include user authentication, confidentiality, cardholder reporting of unauthorized or fraudulent activities and data breach reporting and notification.

“I am keenly aware of the need for best practices and models to help spur states to advance their cybersecurity position and make it more difficult for hackers to gain access to our sensitive data,” McAuliffe said in a statement. “We must partner with the federal government, the private sector and other states to push innovation and adoption of enhanced electronic payment technologies — by our agencies, our merchants and our citizens — to help reduce credit card fraud. This directive will ensure the highest level of security for transactions conducted between citizens and state agencies.”

Virginia’s move mirrors action taken by the federal government in October of last year, when the President issued an executive order mandating that all federally issued credit and debit cards come with “chip and pin” technology and that federal law enforcement agencies share more information with banks and retailers when they discover identity theft rings.

It is not just the public sector that is moving toward microchip embedded credit cards. Visa, MasterCard and American Express have announced fraud liability shift policies that will transfer liability for certain types of fraudulent transactions away from the party that has the most secure form of EMV (chip card) technology beginning in October of 2015.

Filed Under: Financial Privacy, Regulation

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • DOJ Issues New Policy on CFAA Prosecutions
  • EDPB Issues Draft Guidelines on the Calculation of Administrative Fines
  • The California Privacy Protection Agency Solicits Public Input on Forthcoming Privacy Regulations
  • U.S. Department of Commerce Announces the Establishment of a Global CBPR Forum
  • Colorado Issues Pre-Rulemaking Considerations for the Colorado Privacy Act
Copyright © 2022 · Alston & Bird · All Rights Reserved. Privacy.