T-Mobile's announcement

T-Mobile’s announcement

In the annals of what I like to call “Dear John Data Loss Letters,” this one takes the cake.

“Experian North America  today announced that one of its business units, notably not  its consumer credit bureau, experienced an unauthorized acquisition of information from a server that contained data on behalf of one of its clients, T-Mobile, USA, Inc.,” writes Experian today on its website in a sort-of apology.

The phrase “experienced an unauthorized acquisition of information” is quite elegant, no?

Remarkably, the firm that T-Mobile trusted to vett cell phone service applicants has been raided by hackers, who made away with detailed sets of personal information on 15 million consumers. Criminals stole data covering more than two-year’s worth of applicants, from September 1, 2013 through September 16, 2015.

Experian says the data included names, dates of birth, addresses, and Social Security numbers and/or an alternative form of ID like a drivers’ license number, as well as additional information used in T-Mobile’s own credit assessment.

“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected,” said T-Mobile CEO John Legere in a statement. He admirably took to Twitter immediately and began answering questions about the incident. Not all victims are current customers, he made clear.  Applicants who did not become customers can also be impacted.

Victims can get two free years of credit monitoring, T-Mobile promised — but the offer involves, ironically, ProtectMyID, which is owned by … Experian.

“We’ll have an alternative option tomorrow,” Legere wrote to consumers who complained about the offer of free credit monitoring services T-Mobile promised.

No payment card or banking information was acquired, Experian said.  In fact, the data was exposed is could actually cause more trouble for consumers.

Experian also stressed that the hack did not involve its main consumer credit database.

“We take privacy very seriously and we understand that this news is both stressful and frustrating.  We sincerely apologize for the concern and stress that this event may cause,” said Craig Boundy, Chief Executive Officer, Experian North America.

For more information, click on Experian’s “Overview” page regarding the incident.



They're baaaack.

They’re baaaack.

I hate when Gotcha Capitalism wins, and you do too. But it happens all the time, because markets fail, and when they do bad operators win, and companies trying to be honest are penalized. That’s not a free market, that’s a free-for-all market. It’s terrible for everyone — consumers, businesses, the government, the economy. Terrible for everyone, that is, except the bad actor.

Let me show you what a market failure looks like, and why those of you who think government intervention is always bad are asleep at the wheel.   We’re going to stick with something non-controversial today — buying tickets to sporting events and concerts.

You know I don’t give out compliments to corporations lightly, so it should mean something when I throw flowers at StubHub for doing the right thing about two years ago when it converted to “all-in” pricing.  Consumers who shopped for tickets on StubHub’s site saw the full, out-the-door price as soon as possible.  No exorbitant handling fee, no $35 overnight shipping fee, no $17 print-at-home fee.

Just…the price. Bravo.

And what happened?  The (broken) market punished StubHub. Mercilessly.  Competitors who continued hidden-fee trickery appeared to have cheaper tickets, and StubHub lost sales. Websites that sorted tickets by price punished StubHub. While survey after survey showed consumer hate the aftercharge game, it’s still intoxicating.  When you spend 25 minutes picking your tickets out, you can’t help but tell yourself, “Crap, I don’t feel like starting over.” And you buy the ticket.  With the fees.

StubHub gamely held out, but in the end, it waved the white flag. As I like to say, you can never afford to be the only honest poker player at a game of cheats.  So in September, StubHub went back into the hidden fee game.  A $36 ticket on the site now costs $45. And so on.

I could have told StubHub things would have ended this way. I’ve been preaching this since my book Gotcha Capitalism came out.  Since I read Xavier Gabaix’s economics paper on hidden fee shenanigans nearly a decade ago on “shrouded attributes.”  The paper explains all the ingenious ways corporations hide, or shroud, the real price of things, and why that makes it impossible for consumers to be intelligent agents. His pet example is the computer printer. No one knows how much ink will cost, so the real cost of a printer is invisible.  And when prices are invisible, there is no free market.  The entire reward system of capitalism breaks down.  Instead of the best companies with the best products and lowest prices winning, the companies that “shroud” prices most effectively win. The cheaters win, and the honest players lose their shirts.

But that’s only half the story Gabaix tells. The other half is even more depressing, and it explains why StubHub failed (and why InterContinental Hotels failed at upfront pricing, and why JC Penney failed at “fair and square pricing,”  and why Southwest Airlines keeps hinting it will have to add baggage fees).  A company might get the bright idea to shine a light on hidden fee practices of competitors, which you might think would give them a marketing win. Instead, this attempt at “debiasing,” or teaching, consumers is an abject failure. It just calls attention to the competitor’s lower prices, and trains consumers that they should use competitors and try to beat them at their hidden fee game somehow.

I call this the “death of the price tag.”  Here’s a link to a cute animated video I made about this problem, which is dire, and I say contributes mightily to the boom and bust cycle of American (Gotcha) Capitalism.  It’s a horrible cycle. Companies cheat, they get ahead, honest companies fail, they disappear or join the dark side. Then, eventually, the gig is up, consumers do learn their lesson or the bubble of fake value pops, and all the roaches scatter with the people’s money. An entire industry collapses in on itself.  Then the cycle repeats.  But the book if you want a more intellectual discussion of this problem, or start a discussion below.

But there’s a simple answer.  Back to online ticket sales. There should be a a rule that every actor must show the out-the-door price as soon as feasible on every site.  The end.  In one swift blow, that would create a fair marketplace. It would reduce friction. The right actors with the best prices would get the money. Consumers would have a better experience. Everyone wins, except the firms that existed only because they shrouded, or cheated. Those firms would go out of business because what they were doing was unsustainable anyway. ( I have a story coming soon about one of those firms you won’t want to miss. In fact, I’m sure you won’t.)

Now, apply this price tag rule to other industries. Airlines. Hotels. Mortgages.  Cell phones.  Cars. Whenever a price is discused, it’s the out-the-door price, not some imaginary number no one can actually buy anything for. Verizon, for example, could never again advertise smartphone plans for $80 a month when there is no actual way to get a smartphone for $80 a month (without that other $15 monthly device access fee).

Sure, go ahead, list your costs of turning on the lights or paying for plastic cups in the breakroom on some website somewhere.  But the price is the price. You’d see a big change in the way consumers approach purchases. And I’m convinced you’d see an improvement in the economy as a whole.

Let me throw another flower at StubHub, which still has an option while shopping that lets you check a box that indicates “show prices with fees.”  The firm is gamely trying, and I honor that.

Now, it’s time we demanded the same from all the companies we work with. But if you think there’s an industry-group, organic, market-based solution to this problem, I have a ticket to a Beatles concert to sell you.  For this market failure, we need a regulator to set a clear rule. And we’ll all be better for it.


Credit cards with magnetic stripes are being eliminated in favor of cards with fraud-fighting computer chips. Here are all the details you need to know as a cardholder.

Why is Oct. 1 important?

Banks and merchants have been inching toward the magnetic-to-chip transition for a long time. New rules take effect Oct. 1 that provide a dramatic incentive to make the switch. The rules govern who pays when credit card fraud occurs. After Oct. 1, most merchants that aren’t equipped to accept chip cards will have to pay when fraud occurs. While all chip-card point-of-sale terminals won’t change overnight, that’s a pretty big carrot.

I still have an old magnetic stripe credit card. Will it stop working?

Generally, no. Most point-of-sale terminals will be able to accept both mag stripe and chip cards.

How will this affect me directly?

Ideally, very little. There will be a slight difference in the procedure for using plastic at checkout. Instead of swiping your card, you will insert your card — similar to the way you insert a card into an ATM. Then, you’ll have to wait a moment while the card is authenticated.

What if I still swipe my card?

If your card has a chip on it, most chip-ready terminals won’t accept a swipe. They’ll force you to insert the card into the chip reader.

Why should I care?

In theory, chip cards are nearly impossible to counterfeit. Switching to chip cards will virtually eliminate a certain kind of credit and debit card fraud that’s very common today called “card cloning.” In cloning, criminals steal account numbers and other basic information, then encode a separate piece of plastic with the data and use it to make fraudulent purchases or in some cases, cash withdrawals. That’s how a criminal can steal from your credit card even if your card is still in your wallet. Because the chips haven’t been cloned yet on any kind of wide scale, this version of credit card fraud is expected to drop significantly, as it did when European nations switched to chip cards. So that’s good news.

Will it eliminate all credit card fraud?

Heck no. In fact, there is some debate about whether it will reduce fraud at all, or merely shift it to other forms. Switching to chip credit cards, on its own, does nothing to stop “card-not-present” fraud, such as use of stolen account information to make fraudulent online purchases. When card-present fraud drops, everyone expects card-not-present fraud to rise. So it’ll be even more important that you check your credit card statements each month to spot crime. (If you’re worried about other forms of identity theft and fraud, you can monitor your credit scores for free on Credit.com to spot any unexpected changes that could signal bigger identity theft issues.)

Why do I keep hearing the term “EMV?” What does it mean?

That stands for Europay Mastercard Visa, the three firms that originally developed the standard. In this context, “chip card” or “chip credit card” or sometimes even “smartcard” means the same thing as EMV card.

How does it work?

When a chip card is inserted into a reader that recognizes it, the chip wakes up and performs a calculation that can be checked on the spot to ensure the card is not a fake. Further authentication can then be conducted online with the cardholders’ bank.

The rest of the world has been using EMV for years. Why was the U.S. so slow?

Because telecommunications in the U.S. have traditionally been much cheaper than elsewhere. EMV was critical in Europe and beyond because it was too expensive to perform “online” authentication via phone calls in many places. EMV cards can perform some authentication checks locally, a great advantage in places where telecoms are costly. In the U.S., banks and merchants didn’t mind the long-distance phone calls, so the urgency for transition wasn’t there — until high-profile hacks of retailers like Target really forced the situation.

How far along is the change?

If you ask Visa, pretty far. The firm says 141.9 million chip cards have been issued in the U.S., and 301,000 merchants are chip-ready, a 547% increase over last year. Other folks aren’t so sure. Gallup and Wells Fargoreleased a survey in August involving 600 small-business owners, and only 29% said they would be ready to accept chip-enabled cards by Oct. 1 do so before the deadline. An additional 21% said they never planned to make the switch.


Click to watch Yogi's funeral on Yes

Click to watch Yogi’s funeral on Yes

I’m really sad about Yogi Berra’s  passing.

You already know the long list of wonderful things about Yogi, so I won’t repeat them here.  An extraordinary friend, husband, athlete, and businessman.

What makes me most sad is that Lawrence Berra wasn’t really extraordinary at all. He was a downright ordinary human being. He was little.  He worked summer jobs, even after “making it.”  He spoke like us – most of the time. He might be the last world-famous athlete we’ll ever see who was one of us.

When Ted Williams first saw Yogi, he said, he thought his chest protector would hit the ground, Yogi was so short.  He looked no more like a future MVP than the security guard who probably stopped him at the Yankee Stadium entrance asking for ID.

Yogi was special, of course. By the time he was left his teen-age years, he had already quit school to help support his family, and fought on D-Day to help support the Free World.  He’d already done more than most of us will in out lifetimes.

He had great skills — he set the record for home runs by a catcher, broken by the venerable Johnny Bench. But Yogi’s best quality was his ability to be a teammate.  He was masterful at handling pitchers, the most underrated part of any baseball team’s success.

He was a masterful teammate until the end.  Yankee announcer Michael Kay bawls every time he tells the story of Yogi visiting Phil Rizzuto when the former Yankee shortstop — and fellow regular guy –was dying in assisted care.  Yogi went every day and played cards with Phil, because he knew he was scared.

He was 5-foot-7. He was a giant.   But more than that, he could have been you and me.  

Yogi wasn’t an Adonis. He wasn’t a 7-footer. He obviously wasn’t ‘roided up.  He probably wasn’t even picked first in gym class at anything.  But he made it.  And anyone watching Yogi could think, or in good conscience tell their children, you can make it too.

Sports are different now.  Children become “professionals” before they reach  puberty.  Pitchers who  don’t throw 90 mph by age 14 are discarded.  Athletes are creations of science and data.

Yogi, we all know, was a creations of the heart.  That’s why we all love him. He was …normal.

Baseball is far different from other sports.  One reason: It is incredibly democratic.  Every defender also  gets to hit.  Everyone gets a turn.  In basketball, defensive specialists go entire games without taking a shot. In hockey, too. In football, well, there are entirely separate teams for offense and defense. But in baseball, the last can become the first.  The least has the chance to be the greatest.  And we see it often — long games are determined by the last player on the bench, who gets a surprising hit and a day in the sun.  Baseball brings us incredibly moments of underdog heroes, more than any other sport.

Baseball is actually designed for such magic.  It is designed to give everyone a chance. It’s designed so Yogi can become a hero.

I wonder now, in baseball and in America, what chance Yogi would have were he an 18-year-old today?

Full disclosure: A dear family friend, Fr. Tim Shugrue, was pastor of Yogi’s Catholic Church in Montclair for many years.  I have even more reason than many of you to know how normal, and kind, Yogi was as a person.  Decades after he had won the last of his record 10 World Series, he was touching people’s lives every single day.

I will miss him.




Kenna Security

Bad guys are so much more nimble than good guys that they have a two-month head start in most hacking situations, a new report has found.  Meanwhile, software flaws that are even a decade old continue to be used to hack hundreds of thousands of computers, according to Kenna Security.

In the hacking world, a secret software flaw that can be exploited is known as a “zero-day” vulnerability.  Known only to a select few, zero-day exploits give hackers the ability to break into machines at will, and much has been made of this alarming problem.

But even known vulnerabilities might as well be “zero day” flaws, suggests findings in a report issued Tuesday by Kenna on what it calls the “Remediation Gap.”  Kenna says it examined one billion breach events and came to this disturbing conclusion:

Most organizations require 100-120 days before fixing vulnerabilities; meanwhile, hackers exploit them within 40-60 days.  That’s two months of free shots.

“The public has grown plenty familiar with hacker seeking out a specialized target, such as Ashley Madison. But automated, non-targeted attacks still remain the most significant threat to businesses of all sizes,” said Karim Toubba, CEO of Kenna. “Every company has data that hackers want to get their hands on, but security teams remain one step behind their adversaries. Security teams need to move quickly to remediate critical vulnerabilities, but they don’t have the tools needed to keep pace with hackers.”

The report suggests that too much attention has been placed recently on targeted attacks, while old-fashioned “spray and pray” attacks remain many firms’ greatest threat.

“Of the organizations that Kenna has evaluated, 100 percent are susceptible to vulnerabilities – which correlate to at least one stable publicly available exploit,” the report says.

Kenna said it pulled its sample from a database of 10 million successful attacks per week, collected through AlienVault’s Open Threat Exchange, as well as threat intelligence data as well as data from various partners, including Dell SecureWorks, Verisign, SANS ISC and US-CERT.

“By executing this approach, we were able to estimate the probability that a vulnerability might be exploited, as well as the sheer volume of attacks, based on the volume of attacks displayed by the aggregated data,” the report says.

Security professionals do a poor job of prioritizing which threats they remediate, and often fail to patch old flaws that are known to be popular among hackers in favor of top-of-mind flaws that have been recently announced, the firm argues.

“One of the points we need to make is that the vulnerabilities in question are often very old, well-known weaknesses that simply haven’t been fixed yet. We’ve seen this over and over again as we evaluate the data,” the report says. “In many cases these vulnerabilities are not sexy, and they don’t hog the spotlight – but in many environments they actually represent major weaknesses.”

For example, Kenna spotted 156,000 exploitations of the Slammer worm executed during 2014. Slammer hit so many servers that it dramatically slowed down general Internet traffic – in 2003.

The report also finds that automated attacks are on the rise: Kenna says there have been over 1.2 billion successful exploits witnessed in 2015 to date, compared to 220 million successful exploits witnessed in 2013 and 2014 combined – an increase of 445 percent.

“Companies will continue to face the cold reality that throwing people at the problem is no longer sufficient for remediating vulnerabilities and combatting the sheer volume of automated attacks,” Toubba said.”




There are many reasons a monthly student loan payment might increase — but from $200 to $1,400 in a single month? That seems like cruel and unusual punishment — but that’s exactly what one consumer told federal regulators happened because of a paperwork delay.

(This story first appeared on Credit.com. Read it there.)

The 600% jump sounds hard to believe, but the complaint was recently cited by the Consumer Financial Protection Bureau in a warning it issued about a particularly sinister form of what it calls “payment shock.” Ironically, it comes as the result of a program designed to make student loan repayment more affordable.

A new student loan program that began in 2012 allows low-income borrowers to apply for income-based repayment plans. These plans cap monthly payments at a percentage of the borrowers’ income, ensuring they have money left over each month for basic necessities. So long as borrowers remain in good standing, unpaid interest doesn’t end up added to the loan balance, and payments are capped at 25 or 30 years, depending on the specific program.

But to make sure borrowers’ financial situation doesn’t change, each income-based repayment plan must be recertified annually — and that’s where the trouble is. If the paperwork isn’t completed on time, the payments snap back to their original amount.

In a blog post discussing the problem, Seth Frotman of the CFPB wrote that a remarkable 57% of borrowers in a Department of Education sample missed their paperwork deadlines. Making matters worse, since loan payments are usually auto-deducted from borrowers’ checking accounts, former students hit by snapped-back payments are often unaware of the situation until there’s a gaping hole in their checking account balance, which often leads to a cascade of financial problems, including potential credit damage. (You can see how your student loans are affecting your credit scores for free on Credit.com.)

“When borrowers don’t recertify on time, their payments will snap back to the amount they would have owed under a standard 10-year repayment plan — a jump of hundreds of dollars per month, in many cases. This can be a shock to those already struggling to make these payments,” he wrote.

Whose fault is it when the paperwork isn’t completed on time? The CFPB has heard from consumers saying their financial institution was to blame, Frotman said.

“We’ve … heard about detours and dead ends that prevent you from keeping your payments affordable under these plans, even when you’ve filled out the required paperwork,” he wrote.

Credit.com was unable to contact the woman who complained her payments snapped from $200 to $1,400, and could not independently confirm the details of her situation, but here is what she told the CFPB. She blamed her loan servicer Navient for the screw-up:

“I submitted the required documentation for the 2015 IBR repayment plan 8 weeks before the expiration of my previous IBR application, and within the time period Navient indicated. Due to Navient’s delays, my IBR application was not processed timely,” she wrote. “While waiting for them to process my application, monthly payment jumped from approximately $200 a month to $1400 a month, causing me to go into overdraft on my checking account. Navient failed to process my application timely even though my application was complete and no documentation was missing, and failed to communicate the huge increase in payment.”

Nikki Lavoie, Navient spokeswoman, declined to comment about this specific complaint filed with the CFPB, but she did say that Navient strives to process renewals quickly.

“The standard is within 15 days but it is often sooner than that — to ensure that customers receive their renewal before their deadline,” Lavoie said. “We prioritize renewal recertifications nearing a deadline to help ensure a borrower’s payment doesn’t increase.”

Navient disclosed in an August filing with the Securities and Exchange Commission that is currently under investigation from the CFPB. The filing says Navient was notified by the CFPB that the agency’s office of enforcement is “considering recommending” legal action related to “disclosures and assessment of late fees and other matters.”

“The Company is committed to resolving any potential concerns,” the filing, dated Aug. 19, says.

The recertification problem is widespread, and not limited to any one loan servicer. According to Department of Education research, hundreds of thousands of students failed to recertify on time last year. Even worse, nearly one-third of that group ended up going into a hardship-related deferment or forbearance.

For students currently enjoying the protection of reduced monthly payments, the CFPB warns that it’s critical to make sure recertification is completed in a timely fashion. Failing to do so not only results in payment shock, but it can also impact accumulated interest waivers and the 25-year maximum payment clock.

The CFPB is currently reviewing comments about issuers with student loan servicers, and says it will issue a report about next steps in the coming months.




Here’s a prediction you need to heed: a large number of you will soon leave your credit cards behind at a retail store after making a purchase. Why? Because the biggest change in the way Americans spend money in decades is about to occur, and there will be hiccups. And because that’s what happened when other parts of the world transitioned to chip-enabled credit cards, according to consultancy Boston Retail Partners.

The Oct. 1 deadline for conversion to so-called EMV credit cards is nearly here, and much progress has been made. Hundreds of millions of the cards are now in U.S. consumers’ hands, and Visa says that more than 300,000 merchants have chip card point-of-sale terminals at last count.

(This story first appeared on Credit.com. Read it there.)

It’s a good thing, mostly, switching from old magnetic strip credit cards to new chip-enabled cards. But the way consumers use credit cards will change, slightly, and there will be unintended consequences. Like cashiers running after customers as they walk out of the store without their cards. Let me explain.

You might have heard that the difference is simply that chip cards must be inserted into a point-of-sale terminal rather than swiped. Well, it’s not quite that simple.

  • Old way: Pull out credit card, swipe. Perhaps hand to a cashier for inspection.
  • New way: Pull out credit card and insert. Then wait.

The “then wait” part is going to trip up a lot of folks. We’re not used to waiting. During those few moments, consumers are going to look up at the cash register to check the total; they are going to reach for their bags; they are going to glance at their smartphones; they are going to tell their children for the 14th time that no, they can’t have a candy bar. Then, they are going to turn on their heel and walk away, card still in the reader.

Think I’m crazy? ATMs actually had to be reprogrammed because so many consumers were leaving their cards in the things and walking away after grabbing their cash (some machines won’t cough up cash now until the card is withdrawn). Left-behind smart cards are going to happen. And we’re going to have to rely on the good graces of cashiers, or the person behind us in line, to get our cards back.

If you live on the coasts, or you don’t visit big-box stores often, you might not have seen a smart card reader yet. On my recent road trip across the heart of America, I found them everywhere, particularly at Targets, Wal-Marts, and the like. My biggest surprise was how much delay there was with card approvals. At times, it seemed to take five seconds. The delay is real. When Mercator Advisory Group surveyed consumers last fall who had used an EMV card and reader at a store, fully 72% said the process took longer than a traditional swipe (though 44% said it didn’t bother them).

Insert...then wait. That's the problem. (BarclayCardRing.com-click for more.)

Insert…then wait. That’s the problem. (BarclayCardRing.com-click for more.)

But a lot can happen in your brain during five seconds, particularly when you’ve been trained for an entire lifetime in a different kind of behavior.

Boston Retail Partners, a retail consultancy, also wrote about this issue earlier this month.

“Compared to a traditional magnetic strip swipe of a credit card which may result in a sub second response, an EMV authorization and response will take considerably longer – approximately 5-10 seconds. This is due to behind the scenes authentication and validation of the new chip on the credit card,” the firm said in a blog post. “Another impact of this longer duration of leaving the card inserted in the EMV terminal, there is a high risk of the consumer leaving their card behind. This issue was a documented problem in Europe and other early EMV adopters during their EMV cutovers. Solutions exist to configure the payment terminal or POS to alert the associate and customer audibly, or to restrict the printing of the final receipt until the card is removed. To help minimize this issue, retailers should work with their technology partners to understand which solutions work best.”

This doesn’t mean the shift to EMV should be delayed. Pity the poor smart-card point-of-sale terminal, which, according to Visa, is busy working with the chip on the card to create a unique cryptogram that secures the transaction out of a possible 18 quintillion (or 18 billion billion) possible combinations. Depending on the situation, the transaction is authorized online via communication with the issuing financial institution, or offline, if telecommunications are not readily available. (Offline verification is rare now, according to the Smart Card Alliance.)

But that difference could be the source of some new headaches. The power of learned human behavior is very strong, so expect you will make a mistake. It probably won’t happen the first or second time you use a card reader — you’ll be paying attention to the new experience. But it may happen after that, when old habits kick in.

There are some things that stores can do to minimize this problem. Smart card readers and cash registers have options that can be enabled to warn consumers about the problem. The machines can sound an alarm, or the cash register can be set to disable printing of a receipt until the card is removed. Randy Vanderhoof, director of the EMV Migration Forum, says he’s confident the change will be smooth.

“Merchants and consumers will quickly adjust to the new chip payment process. There are many options for retailers to alert their customers that the card should not be removed,” he said.

Mind you, however, these are options – and if history tells us anything, it’s that security options that add time to any process tend to be ticked off by default, and only added after a problem becomes so noisy that it can’t be ignored.

Ryan Grogman of the Boston Retail Group is optimistic, however.

“It was a pretty big lesson learned from the European and Canadian rollouts, … our current clients dealing with EMV implementations are discussing this topic,” he said. “I would venture to say that a solid majority will work to have some of those options in place.”

Even if you don’t forget the card in the store, it’s also likely that your usual ritual of swiping then putting the card right back into the right spot in your wallet or purse will be disrupted — perhaps as you grab your child during the delay — and the card might end up tossed perilously into a coat pocket, likely to fall out and be lost under the driver’s seat of your car, or end up ruined in the washing machine. Something else to worry about.

Security expert Avivah Litan of consultancy Gartner predicts a different behavior-based problem for stores. Checkout line confusion from newbies and potential authorization delays will slow things down and create consumer frustration, particularly among high-volume retailers where “time-in-line is an important metric for turning profits.” These include: fast-food restaurants, movie theaters and big-box retailers, she says.

For example, impatient or distracted consumers might yank their cards out of readers prematurely, which will result in declined transactions, and even bigger delays.

Litan, like many consumers, is used to swiping her card at the beginning of a checkout transaction to speed up her checkout. There will be no more of that.

“You may be thinking these extra seconds are no big deal. But they are a big deal to impatient shoppers like myself. And they are an even bigger deal to retailers with strong economic incentives to move cash lines as fast as possible,” Litan wrote recently.

She says a few big-box retailers have already told her privately they plan to add extra checkout lines in anticipation of slow checkout line problems. That is probably not music to the ears of financial institutions, who make money from every transaction performed with a credit card.

With time, you’d imagine authorization speeds will improve. And in time, you’ll get used to the new rhythm of swipe, insert, wait and reclaim card safely, so it’s likely any problem will be temporary. Still, when the EMV transition arrives in earnest, be extra vigilant about making sure to leave every store with your spiffy new chip credit card in your wallet or purse where it belongs.


The tort museum

The tort museum

“They called her a pig.”

Every legend has its origin myth, and I was lucky enough to hear Ralph Nader’s myth on Saturday.  It might as well be the origin myth for fairness in modern America.  The setting was a speech at the opening of a museum in Northern Connecticut that Nader called the first museum ever devoted to law.  Consumer law, anyway.

The American Museum of Tort Law might not have a snazzy name, but if you think of it as a museum for little victories by David over Goliath, it becomes a lot more alluring.

Nader’s tale went something like this: Asked why he was so tenacious in taking on companies like General Motors, and he recalled a moment from his childhood. A little girl, now 12, who had been in his class since first grade was suddenly the target of teasing by boys in the class.  Nader danced around the insults they hurled at her, until finally, he said, they called her “a pig.”  Then, they ran off giggling and Nader watched the girl crumple in sadness.

Nader watched it all unfold, trying to make sense of it.  The boys had know the girl for years, and she was kind and pleasant, so this behavior was a shock.  When he got home, he told his mother what had happened. Her reply was simple:

“Well, What did you do?”

A consumer crusader was born.

“I hate bullies,” Nader went on to say. Now 81, he’s spent most of his life trying to fight them.

Nader 3 (339x600)

Nader is a complicated figure, and you might have a terrible opinion of him. But there is no removing his historical place as the founder of the American consumer movement. He’s responsible for seat belts in cars, along with countless other safety mechanisms in products we use every day.  Casual observers probably don’t know that Nader has founded dozens of independent consumer organizations that still operate today.  He is at the head of a long family tree, probably thousands of branches deep, that includes people who’ve fought for everything from bank fee transparency to toy safety.

This weekend, in his little hometown of Winstead, Connecticut, Nader opened his museum to tort law. It’s a lot more clever and fun that you might expect. Cartoon panels tell the story of landmark cases, like Sioux City & Pacific vs Stout, in which a railroad company was held liable for an injury to a child who played on its equipment, even though the child had trespassed. (The firm knew kids were playing there and didn’t do anything to stop them or protect them).  A hot red Corvair, the car that was the subject of the book Unsafe At Any Speed, dominates the central room. You might be inclined to think of it as a sort of presidential library, but it’s not just about Nader. It reaches all the way back a bit into English common law to explain the current state of the American consumers.

Nader9 (600x339)

Every story is a tale of David vs. Goliath.

A slate of speakers opened the place, many listing their favorite Erin Brockovich tale, and all with the same point: the ability to drag a corporate executive into court and force him or her to face public accusations of misdoing is critical to a fair society.  Given the recent Volkswagon scandal, it should be clear that the ability of consumers to demand fair treatment from corporations is as important as ever.

Americans’ rights are the envy of the world. They are far from perfect. Class action lawyers often make millions, while victims walk away with pennies, that’s true. Other victims can’t interest lawyers in their cases if they aren’t worth a lot of money, a real shortcoming in a world where corporations have perfected mass-scale, nickel-and-dime scams.

Still, having someone to call and someplace to go when you’ve been wronged is critical to preservation of the American way of life, and it should be celebrated. More important, the history of concepts of like negligence and accountability should be preserved and understood by future generations. That’s what museums do. If there can be museums for maple syrup and mustard, why not consumer rights?

The American Museum of Tort Law is located on Main Street in Winstead, CT. It will be open daily, except Tuesdays, from 10:30 a.m.-5 p.m.  It will close for the winter January 1.

Here are more pictures of the museum:

Nader1 (600x339)

Nader holding court

Nader4 (339x600)

The case Tort lawyers love to hate

Nader6 (600x339) Nader7 (339x600) Nader8 (339x600)


A day with the Pope, in photos

by Bob Sullivan on September 24, 2015

IMG_9535 (581x600)

WASHINGTON — It’s been an amazing couple of days, running around trying to find the Pope.  I got closer than I ever imagined I would.  I hope you saw my Sophia Cruz story already.  

There were plenty of other images from the past 24 hours that I think are worth sharing, especially if you wish you could come to the east coast to see the Pope’s visit, but you just can’t.  So here’s a couple dozen more pictures from today.

I’m also proud to let you know that one of my pictures of Sophia, the parade girl, was featured on NBC Nightly News.

My photo on NBC Nightly News

My photo on NBC Nightly News


Pictures continue below

[Read more!]


An incredible moment

An incredible moment

WASHINGTON D.C. — I often joke that God is a journalist. Or at least studied journalism at some point. Why? Because I can’t tell you how many times I’ve done nothing really special and an incredible moment just unfolded in front of me.

IMG_9541 (424x600)Today might be the best of them, however. I was a few feet away when Pope Francis plucked a little girl out of the crowd and hugged her from his Popemobile. The five-year-old girl, Sophia Cruz (that’s how the family spelled it, but other media is spelling it Sofia) was there as part of a group that had traveled from Los Angeles.

They wanted to speak to the pope about immigration reform, and the girl had already been on TV earlier in the day,   The letter she handed him asked for help with the deportation of parents and the separation of families.

It was an incredible moment.  The Pope, you might have heard, is struggling with sciatica on the trip. He has appeared old and frail on TV at times.  But he looked like a spry young priest when he called for the girl, and you can see in his face how much he loves human contact.

The girl had tried to climb the barricade in front of her and was pushed back by security until the Pope called for her, and asked to see the letter she had written for him.  When she returned to the crowd, it seemed she would faint. She was clearly overcome. She was famous instantly.  A crush of journalists surrounded her; people there to see the Pope now wanted Sophia’s picture, too.

And that security guard? Well he went up to Sophia afterwards and said, “You are very brave.”

The crush of people around me was wild, and I’m lucky I got any shots at all.  Frankly, as often happens, I was delighted to see what images popped up on my screen — I was just holding my camera overhead holding down the shutter, basically. As I said, God is a journalist.  Or at least, sometimes, roots for them.


My friend Sandra Lilley at NBC Latino just posted a story with even more more details about Sofia, and used a few of my photos.

CBS News says it has obtained the letter she handed the pope.  Here’s a link to a Tweet with the picture

Cruz letter

And here’s a link to a translation of the letter.  

It reads, in part, “My heart is sad because I am scared that one day ICE will deport my parents.”


Here she is waiting for the Pope (at left)

Here she is waiting for the Pope (at left)

Here are far too many pictures of the scene because, well, can you ever see too many pictures of the Pope hugging an adorable little girl?

(Photos continue just below.)

IMG_9529 (600x400) IMG_9535 (581x600)

copy (600x400)

Look at how brave this little girl is.



IMG_9689 (600x400) IMG_9688 (600x400) IMG_9682 (600x400) IMG_9679 (400x600) IMG_9659 (600x400) IMG_9657 (600x400) IMG_9656 (600x400) IMG_9654 (600x400) IMG_9650 (600x400) IMG_9623 (600x400) IMG_9588 (600x400) IMG_9544 (600x487) IMG_9543 (600x441) IMG_9541 (424x600) IMG_9540 (600x400) IMG_9531 (600x373)



{ 1 comment }