신용카드 영수증을 통한 카드정보 유출을 방지하기 위한 법제도 고찰-미국의 입법례를 중심으로 한 비교법적 고찰-

Domestic credit card receipts are processed so that part of the card number is not disclosed. However, because the location of the truncated digits on the receipt is different by each receipt issuer, the combination of multiple receipts of the credit card may result in full card number and expiration date. In Korea, the protection of the credit card receipt's personal information was so poorly handled that the Credit Finance Association recommended to make card terminals capable of issuing masking receipts to prevent card information leakage since 2008. There is no direct statutory requirement that credit card franchisees have the obligations to truncate credit card numbers or expiration dates on the printed receipts in Korea. The number on the credit card receipt is only specified in the Specialized Credit Financial Business Act in Korea in the form of indirect administrative regulation in such a way as to enforce the credit card merchant to use the terminal registered with the Financial Services Commission. The location and digits of truncated numbers are regulated by the technical standard of certification of the terminals. Under this legal structure, because the cardholder do not have any rights to receive a truncated receipt of a credit card number and expiration date, a cardholder cannot claim a statutory damages for the breach of truncation duty against the large credit card receipt issuer. Administrative penalties are imposed to the violators who uses uncertified terminals. Under such structure, it requires continuous enforcement of the use of the registered terminal by the administrative authority. Even the full enforcement of the use of such certified terminals will begin on July 21, 2018. In addition, since only the ninth to twelfth digits of the credit card numbers are truncated, the first 8 digits and the last 4 digits of the credit card number are still exposed. Total 12 digits can be exposed. The number of card numbers obtained through the receipt is too much compared to the US. In view of the fact that the credit card transactions are also made internationally, truncated location and digits need to be decided like other major credit card issuing country such as US. The Fair and Accurate Transactions Act (FACTA), the US Federal Law provides the unified credit card receipt truncation legal standards and preempts state legislation. It is desirable to provide clearly the obligation for the card takers to truncate the card number and expiration date at Specialized Credit Financial Business Act in Korea. This will enable the credit card users to have the direct remedy against the violators and it will be more efficient control than supervision only by administrative regulator.