You are here

Restaurants tighten credit card security

March 5, 2007
By Bruce Horovitz, USA TODAY

Restaurant chains — under mounting pressure — are serving up new ways to shield customers from credit card fraud.

Ruby Tuesday today will announce that it will be the first national restaurant to offer an ultra-secure credit card processing system that leaves no credit card information with the restaurant. The system that will be in all of its 900 locations by mid-April sends the data to the bank in an encrypted form.

Meanwhile, some smaller chains — including Legal Sea Foods and Hooters — are testing devices that let patrons pay at the table so the credit card never leaves their sight.

These kinds of actions could change how people use credit cards at the nation's 935,000 restaurants, where they're expected to spend $537 billion in 2007. Some of the new steps mirror methods already common in Europe.

Identity fraud of all kinds costs consumers more than $56 billion annually. Late last year, several dozen retailers, including California Pizza Kitchen and El Pollo Loco, were named in identity theft class-action lawsuits for violating federal law that requires retailers to truncate credit card numbers on receipts.

Massachusetts is eyeing a bill that would hold retailers responsible for losses if credit card information is stolen from their equipment.

These kinds of concerns are motivating restaurants to act.

"As a society, we've gone digital and plastic," says Richard Martin, executive editor at Nation's Restaurant News. "We'll see more and more of these things built around security."

Here's what's coming:

•Ultra-secure credit. Like many retailers, credit card use at Ruby Tuesday has jumped: It's now 57% of sales, up from 45% less than three years ago, says Nick Ibrahim, chief technology officer. As a result, the major credit card issuers have been pushing all retailers — including restaurants — to install safer systems by July 2007. The new system sends encrypted credit card information directly to the bank, so no credit card data are stored by the retailer. Starting in April, it will be "impossible" to commit credit card fraud at Ruby Tuesday, Ibrahim says.

•Paying at the table. Four Legal Sea Foods locations are testing handheld devices that allow customers to pay at their tables without losing sight of their credit cards.

This eliminates concerns about skimmers — devices that can lift information off the magnetic strips on credit cards.

"The restaurant industry is the only industry where you give somebody your credit card, and they walk away with it," says Ken Chaisson, vice president of information technology.

It will have the devices in all 34 of its locations by the end of 2007.

Hooters also is testing the device at one Atlanta store, and it's about to add a second location, says Mike McNeal, marketing chief.