U.S. CREDIT CARD fraud topped $8 billion in 2015 and should surpass $12 billion next year. You can reduce your exposure to such incidents with a few simple steps. Why bother? Won’t the bank pick up the tab when unauthorized purchases show up on your account? Generally, yes, thanks to the Fair Credit Billing Act and the Electronic Fund Transfer Act. But there may be limitations on that protection, based on how quickly you notify your bank when you discover unauthorized charges.
There are two well-established ways your credit card information can be stolen and used.
The most likely scenario is when a hacker exploits weak security measures at a merchant or payment processing company to download big lists of detailed credit card and billing contact info. These tend to be big, disruptive incidents which cost the responsible party millions of dollars and create a lot of hassle for you and others affected. The Heartland Payment Systems hack in 2009 exposed 160 million cards, according to the indictment of those charged. More such incidents have been reported, including at TJX Cos. (in 2006, 94 million cards), Home Depot (in 2014, 56 million cards) and Target (in 2013, 40 million cards).
The next most common scenario is when an attacker gains access to a merchant’s payment terminal or point-of-sale system at a gas station, restaurant or store, and installs malware or modifies it with a skimmer or shimmer device, to steal information from every card used there. Skimmers exploit the oldest tech on your credit card: the old-school magnetic stripe that holds all of your card data in an open, unencrypted form. Michaels crafts stores in 20 states reportedly experienced such a crime in 2011. Skimmer use on ATMs has risen, too.
When these incidents are discovered, banks proactively issue new cards to all affected customers. It’s the right thing to do to reduce everyone’s financial exposure, but it’s a hassle.
Here are five ways to limit your exposure to such fraud:
For more secure online payments, there are a few other options popular in the U.S., including services like PayPal. Apple Pay and Google Pay are also expanding to web and mobile app payments. Mastercard and Visa just released specs for new technology that should enable them to compete with Apple, Google and PayPal using Masterpass by Mastercard or Visa Checkout. All of these solve the problems associated with saving underlying credit card information at each merchant. Indeed, we should soon have lots of choices for more secure and convenient online shopping.
David Powell has written software or led engineering teams for 35 years. He enjoys work, vegan fine dining, cycling and travel with his spouse. His previous articles include Get Me a Margarita, Making a Mesh and Elon and Me.
Want to receive our weekly newsletter? Sign up now. How about our daily alert about the site's latest posts? Join the list.
Good advice. I also like virtual credit cards because they prevent automatic renewals of subscriptions.
Yes indeed. If it could only stop the renewal nagging too 🙂
Equifax now has a fund to compensate the hacked. https://www.ftc.gov/enforcement/cases-proceedings/refunds/equifax-data-breach-settlement . supposed to pay $125 per person.
Thanks for the link, James.