Sure, mistakes are made, but credit cards going from number (i.e. private key) to pin and chip (generating a token for each transaction) reduces the impact of a data breach tremendously. An individual can still screw it up, but they could lose their entire credit card before too. At least now it's only user error to worry about and not the centralized honeypots of user data.