Improving the Security of Consumer Financial Transactions
Oct 23, 2014
Signed by: Barack Obama
Signed on: Oct 17, 2014
Published on: Oct 23, 2014
Oct 23, 2014
Signed by: Barack Obama
Signed on: Oct 17, 2014
Published on: Oct 23, 2014
Summary
Makes government payment cards and systems safer by adding new security features and helps people who have had their identity stolen.
What problem does this solve?
Identity theft and payment card fraud are serious risks to people's money and the country's economy. This order requires the government to use stronger security, like chip-and-PIN cards, to protect financial information and sets an example for the private sector.
What does this order do?
Upgrades government payment cards to chip-and-PIN
Requires all government-issued credit, debit, and prepaid cards, like Direct Express, to include enhanced security features such as chip-and-PIN technology to prevent fraud.
Improves support for identity theft victims
Directs federal agencies to consolidate all publicly available resources for identity theft victims onto the FTC's website, IdentityTheft.gov, creating a single, streamlined place for help.
Strengthens online security for federal services
Requires federal agencies that provide personal data to citizens online to use stronger security, including multiple-factor authentication, to ensure data is shared only with the right person.
Requires new government payment terminals to be secure
Mandates that all new payment processing terminals used by the government must have the hardware needed for enhanced security features, starting January 1, 2015.
Shares data on stolen information to fight fraud
Promotes the regular sharing of compromised credentials, like stolen usernames and passwords, from federal law enforcement to a national fraud alert system to help stop cybercrime.
Who does this affect?
- Federal government employees and benefit recipients
- Victims of identity theft
- Federal agencies
What is the real world impact?
•
Sets a national example for security
Requires the federal government to adopt stronger security for its payment cards and systems. This encourages private companies like banks and stores to adopt the same stronger protections for all consumers.
•
Creates a one-stop shop for identity theft victims
Streamlines the process for helping victims of identity theft. Consolidates federal resources into a single website, IdentityTheft.gov, to make it easier for people to report fraud and get help.
When does this start?
This order sets several deadlines for federal agencies to improve payment security and help for identity theft victims, mostly occurring in 2015.
Secure payment terminals required
By January 1, 2015, all new payment terminals bought by the government must include hardware for enhanced security features.
Replacement of old payment cards begins
No later than January 1, 2015, the General Services Administration must start replacing government payment cards that lack enhanced security.
Guidance on sharing fraud data
By February 15, 2015, the Attorney General must issue guidance for law enforcement to share compromised credentials to help fight internet fraud.
Centralized identity theft website
By May 15, 2015, an enhanced IdentityTheft.gov website must be available to the public, consolidating resources for victims.
Implementation of stronger online authentication
Within 18 months of the order (around April 2016), agencies must finish implementing multi-factor authentication for digital applications that access personal data.