mr. jason oxman and mr. brian dodge. given the ever increasing sophistication of our cyber attacks, do you think a catastrophic attack which can have severe repercussions on the financial system as a whole is imminent and what can the federal government do to help prevent such an attack or prepare to respond to such an attack attack. >> thank you for the question. the possibility of such an attack is always on the minds of the payments companies, and preparation for those attacks is, of course, something that is always included in all the operational plans of all the companies that we represent. our sincere hope is that something like that never happens, but we do recognize the important role that the infrastructure plays in empowering commerce in this country. and protecting we are focused and prepared for that. it is our sincere hope that nothing like that comes to pass. >> thank you. mr. dodge. >> in terms of your question about what congress can do, i think the focus on data security to avoid such a catastrophic even

mr. jason oxman and mr. brian dodge. given the ever-increasing sophistication and sheer number of cyber-attacks on our financial institutions and markets do you think a catastrophic attack which can have severe repercussions on the financial system as a whole is imminent, and what can the federal government do to help prevent such an attack or prepare to respond to such an attack? >> thank you for the question, congressman. the possibility of such an attack is always on the minds of the payments companies that eta represents. and preparation for those attacks is, of course something that is always included in all the operational plans of the companies that we represent. our sincere hope is that something like that never happens. we do recognize the important role the payments infrastructure plays in powering commerce in this country and protecting our customers be they merchants or consumers is always top of mind. we are focused and prepared for that. it is our sincere hope that nothing like that comes to pass. >> thank

mr. oxman? >> as it stands, the analysis is exactly the same in the case of a counterfeit card. the issuer would have responsibility for that. the merchant would not. the migration to emv chips that we've been talking so much about this morning actually change that calculus. and the responsibility for the fraud after october of this year will actually fall on the party to the transaction whether it's the merchant side or issuing side that has deployed the lesser form of security. not to get too complicated, but if that card that you're talking about has been counterfeited and it was a chip card and the issuer has issued chip cards but the merchant hasn't installed chip readers then the merchant will have responsibility for that fraud. that's a change to the current system which is the issuer takes responsibility. >> then finally, if i can have the indulges of the the chairman for 15 more seconds, the third example of fraud is the online fraud. there's no card present, we're on line buying airpl

mr. jason oxman and mr. brian dodge.iven the ever-increasing sophistication in sheer numbers of cyberattacks on our financial institutions and markets do you think a catastrophic attack which can have severe repercussions on the financial system as a whole is imminent and what can the federal government to to help prevent such an attack or repair to respond to such an attack? >> thank you for the question, congressman hinojosa. the possibility is always on the minds of the payment come needs pta represents and is something always included in all the operational plan that i represent our sincere hope is something like that never happens. we recognize the important role the infrastructure plays empowering commerce in this country and protecting our customers be merchants or consumers is always top of mind. we are focused on that. we are prepared for it is our sincere hope that nothing ever comes. >> mr. dodge. >> in terms of the question about congress can do to avoid such a catastrophic event is incredibly important. we b

i look forward to answering your questions. >> mr. oxman, you are recognized for five minutes for your testimony. >> thank you, mr. chairman, ranking chairman waters, i'm the ceo of the electronic transactions association. eta is the trade association or the payments industry, our more than 500 member companies are focused on providing the world's most secure, reliable, and functional payment systems to american merchants and consumers. electronic payments in the united states are largely invisible to consumers because simply put, they just work. u.s. consumers carry 1.2 billion credit, debit, and prepaid cards in the wallets, use to pay electronic at more than 8 million merchants in the united states. indeed, eta companies process more than $5 trillion in u.s. consumer spending every year. that means thousands of transactions are moving across our network every second. now, consumers enjoy a wide variety of ways to pay electronically including in person with a card, mobile device, or watch or remotely via phone or internet. from the moment

i look forward to answering your questions. >> mr. oxman, you are recognized for five minutes for your testimony. >> thank you, mr. chairman ranking chairman waters i'm the ceo of the electronic transactions association. eta is the trade association or the payments industry, our more than 500 member companies are focused on providing the world's most secure, reliable and functional payment systems to american merchants and consumers. electronic payments in the united states are largely invisible to consumers because simply put, they just work. u.s. consumers carry 1.2 billion credit debit, and prepaid cards in the wallets, use to pay electronic at more than 8 million merchants in the united states. indeed, eta companies process more than $5 trillion in u.s. consumer spending every year. that means thousands of transactions are moving across our network every second. now, consumers enjoy a wide variety of ways to pay electronically including in person with a card mobile device, or watch or remotely via phone or internet. from the moment a co

mr. jason oxman is the chief executive officer of the electronic transactions association. mr. steven or faye is the general manager at pci security standards council, last but not least ms. laura moy is a senior policy counsel at the open technology institute. several of you have testified before congress before i'm not certain of all of you, so we have a rather simple lighting system green means go yellow means hurry up because the red light is soon to follow. red means stop. the yellow light comes on with one minute to go. each of you will be recognized for five minutes to give an oral presentation of your testimony. without objection each of your written statements will be made a part of the record and since we are brand-new in our refurbished space, in the old hearing room you had to pull these microphones very close to you, i think now you can keep them a somewhat comfortable distance from your mouth. governor pawlenty you are about to be our beginy pig on the new sound system. you are now recognized for your testimony. >> good morning, mr. chairman, rank member waters me

or may become mr. oxman you might take that one. >> i do think that is an important issue because the honda consumers suffer from identity theft can in some circumstances be as impactful as the harm suffered from the threat of financial data. i think h.r. 2205 does a good job of making sure that all entities, not just retailers and financial institutions and payments companies can but all entities that have storage or access to the sensitive personal information are required to abide by the federal standards that h.r. 2205 would put in place. and i do think that's a very important component of the bill. >> does anybody else want to add onto that? >> i think the fundamentals of the pci standard are applicable across all vertical markets. i also share your concern in my discussion with law enforcement officials assistance in particular, the next big target. protecting that data in following adheres to the pci standard would benefit those industries as well. >> i think it's a little, you know on that paper we c