However, the changes could cost credit unions in the near term even if they save money in the long run, she said. "I think the immediate impact is going to be a bit overwhelming for credit unions to get everything in place," Sherman said.

CUNA Mutual's recommendations appear to be an effort to raise the bar above the levels already set by the Payment Card Industry (PCI) requirements imposed by the major card associations, said John Pescatore, an analyst at Stamford, Conn.-based Gartner Inc.

"PCI is all about protecting online transactions and storing credit card data" securely, Pescatore said. CUNA Mutual's efforts, meanwhile, appear to be more focused on mitigating losses from card fraud, he said.

CUNA Mutual's move is part of a broader set of initiatives aimed at fighting fraud. The company is also lobbying card associations for stronger data-protection standards and advocating litigation against merchants that fail to demonstrate due diligence in protecting sensitive data.

Last April, the insurer filed a lawsuit against BJ's Wholesale Club Inc. seeking to recover losses resulting from a security breach that compromised 40,000 credit and debit cards. The lawsuit, which BJ's is contesting, alleges that the retailer stored account and customer information in violation of MasterCard International Inc.'s and Visa International Inc.'s PCI regulations.