Who Pays For Credit Card Breaches?

PetManimal writes "A scheme to steal customers' credit and debit card information at a New England supermarket chain highlights a little-understood fact about credit card security: Customers still think that the credit-card companies have to eat fraudulent charges, but since the PCI DSS standards were adopted, it's actually the merchant banks and merchants who have to pay up. And, according to the blogger writing in the latter article, it's a good thing." "The main reason PCI exists is that there are tens of thousands of merchants who don't understand the basics of information security and weren't even taking the very minimum steps to secure their networks and the credit card information they stored... PCI pushes that burden downstream and forces merchants to... put in a properly configured firewall, encrypt sensitive information and maintain a minimum security stance or be fined by their merchant banks... [T]he credit card companies have taken the bulk of the financial burden off of themselves and placed it on the merchants, which is where much of it belongs...'"

Business partners

[HomelessInLaJolla]

Credit card companies are branches of banks (who else has money to lend?). They are affiliated, strongly, with insurance and investment companies. Just as any other large corporation when one division suffers a loss then, in nothing more than the ledger book, the losses are distributed amongst the other divisions.

Think about that next time the interest rates on home mortgages goes up, or the premium on the insurance plans, or when the quality of service for medical insurance goes down, or when the price of motor fuel goes up...

These things happen because the businesses are recouping losses. Why are credit card rates so high?