We value our editorial independence, basing our comparison results, content and reviews on objective analysis without bias. But we may receive compensation when you click links on our site. Learn more about how we make money from our partners.
The beginner’s guide to credit card security
We hand over personal information to get cards. But is it safe?
Credit card fraud is a growing problem — it’s caused an estimated $24.71 billion in losses in 2016 alone. By 2020, it’s expected to cost $31.67 billion worldwide.
You’re not alone if you’re concerned about your credit card information. Here’s what you should know about credit card security — and keeping your information safe.
Security measures offered by your credit card
Credit cards have a variety of built-in defenses against fraud, and the financial industry is always developing better tools to combat fraudsters. Here are the two most common security measures included in credit cards today.
Security measures guide
One of the reasons card companies monitor your spending is to catch fraud.
To avoid losses — as fraud costs banks money — financial institutions develop technologies that automatically detect inconsistencies in customer spending.
If your card is used fraudulently, you also most likely won’t be liable. Many banks and card providers — especially large ones such as Chase, Bank of America, Visa and Mastercard — offer “zero liability” protection for fraud. That means if your card is lost or stolen, you won’t have to pay anything. Even if you owe money for a fraudulent transaction, federal law mandates you can only be charged a maximum of $50.
Why your credit card has a chip?
Recently, your card provider may have sent you a new card with a shiny chip inside. If so, you’ve received a chip card — also known as an EMV card. EMV stands for Europay, Mastercard and Visa.
A chip card is relatively secure because it encrypts account information differently each time it’s used. In contrast, data is static on a magstripe card, which means it’s easier for criminals and skimmers to extract.
Chip cards have been widely adopted around the world, but only now is the US following suit. The US is mostly adopting chip-and-signature cards, with which you sign your name to verify your identity.
Meanwhile, many other countries are using chip-and-PIN cards, which require you to enter a personal identification number. Chip-and-PIN cards are considered to be more secure since there’s no signature to forge.
Maybe someday we’ll upgrade to chip-and-PIN cards too. Until then, we at least have a significant upgrade from magstripe cards.
General tips for using your credit card securely
- Carefully examine your monthly card statement. If you don’t recognize charges, notify your card provider. This is one of the best ways to protect yourself against fraud.
- Examine your card-specific features. Many credit cards feature a suite of additional security features. For example, Mastercards have a SecureCode feature.
- Sign your card. Merchants are supposed to match your signature to what you sign on your receipt. Merchants don’t always do this, but signing your card ensures your provider will give you protections such as zero-liability guarantees.
- Be careful with your receipts. Never leave a receipt behind at an ATM or a store counter. Shred them before tossing.
- Only give your credit card number over the phone if you’re the one calling. You may need to input your card number if you’re calling customer support, but your bank will never call asking for your card information.
- Know which phone number to call if you have problems with your card. If your card is lost or stolen, have a phone number on hand to cancel or freeze your credit card immediately. The sooner you cancel, the less time a thief has to use your card.
How to guard against fraud
Credit card fraud doesn’t happen often, but it can be incredibly inconvenient when it strikes. According to payment systems provider ACI Worldwide, 46% of Americans have been victims of credit card fraud. Though financial institutions rarely lose customer data, it can happen.
Here are a few tips to protect your credit card from bad actors:
- Be selective about who you give information to. Think twice before applying for services from little-known financial institutions. The big players may be more expensive, but they often have more resources to safeguard your data.
- Monitor your credit card transactions. Credit card providers have robust fraud departments, but you’re your own best defense.
- Be wary of unknown callers and phishing emails. Your financial institution will never call you asking for sensitive information. Also, be suspicious of unexpected emails that seem to be from your bank or card provider. They may be sent from thieves attempting to steal your information.
- Check your credit reports. Monitoring your credit reports can help you spot identity theft. You can get your report for free every year from AnnualCreditReport.com, which is authorized by the US government.
- Initiate a “security freeze” with the major credit bureaus. If you set a security freeze, a credit bureau can’t release your credit report without your permission. This can stop identity thieves from opening new financial accounts in your name.
Is it safe to use my credit card?
To get a credit card, you must first submit personal and financial information to a card provider. Your name, phone number, email address and residential address are a given. But you also have to divulge sensitive details about your employment information, total annual income and Social Security number.
It’s generally safe to hand over this information, but there are a few things to keep in mind when using your credit card.
Breaches can happen
According to a report by the US Government Accountability Office, large financial institutions adopt security measures that are “generally more sophisticated and harder to compromise.” Banks and credit card companies know it’s important for them to safeguard customers’ information and money. To that end, they’re constantly updating their security systems to guard against hacks.
As of yet, there hasn’t been a significant data breach in a major credit card company. However, it’s not impossible for a big financial player to be breached. J.P. Morgan, for example, was hacked in 2014, exposing the sensitive data of 76 million customers. Fortunately, it didn’t appear that passwords, birthdates or Social Security numbers were stolen. But hackers took countless phone numbers, addresses, names and email addresses — information that could be sold on black markets.
Even if your credit card company closely guards your data, there’s a chance a merchant could lose your credit card information. Your own computer hardware could be hacked, and thieves could steal your credit card information at ATMs.
So it’s not just your bank’s job to keep your information safe. It’s a good idea for you to be vigilant as well.
Your credit card spending isn’t private
Credit cards are incredibly convenient, but using them means losing your financial anonymity to your card providers. Card providers can see where you’ve used your card, and they’re constantly evaluating your creditworthiness based on your spending habits.
For example, if you used your card at a casino or at bail-bond shops, your provider may consider you more likely to be in financial trouble. It could mark you as a riskier borrower who might default on payments. To protect itself, your provider can possibly take preemptive measures, such as lowering your credit limit.
Fortunately, your card company isn’t allowed to share your personal information with non-affiliated third parties. But that doesn’t mean third parties don’t have ways of monitoring your spending. Google, for instance, claims it’s privy to 70% of credit and debit card transactions in the United States through its third-party partnerships.
Credit card skimmers
Thieves steal credit card information in numerous ways, but one of the prominent ways is by using credit card skimmers.
Skimmers are small, nearly undetectable devices that criminals fit onto credit card machines to read and record your credit card data. For example, a skimmer can be placed over the card slot on an ATM and steal information from a card’s magstripe.
Credit card skimmers have proliferated in recent years, largely because skimmers have gotten more sophisticated. Thankfully, there are still ways to protect yourself from these devices.
Is it safe to enter credit card numbers online?
E-commerce is growing fast, but consumers still have security concerns about safely making purchases online. In fact, nearly two-thirds of consumers say online retailers aren’t doing enough to protect credit card and personal information.
But a credit card is one of the safest ways to make purchases online. As long as you’re following a few basic guidelines for safety, using a trusted website and the online retailer encrypts your data, it’s safe to enter credit card information on the web.
Compare credit cards
Are credit cards still more secure than carrying cash?
There are pros and cons to each — but for safeguarding your money, credit cards have the edge.
Both cards and cash can be stolen, but you’re unlikely to recover cash once it’s gone. On the other hand, you can quickly replace a stolen card. It’s also unlikely you’ll lose money from a stolen credit card because you probably won’t have to pay for fraudulent transactions. On top of that, some banks will even offer credit card payment protection insurance. Plus, credit card purchases are much more easily tracked than cash purchases and fraud punishment can range from fines to jail time for the offender.
For protecting your information, cash is the hands-down winner. To get a credit card, you have to submit personal information such as your Social Security number and contact details. If your card data is stolen, your information could be sold. Meanwhile, cash transactions can’t be traced to you.
Overall, credit cards are better at safeguarding your money. Just remember that you’ll give up some privacy to use them.
How the government protects consumer privacy
The Federal Trade Commission (FTC) is the primary government agency that protects consumers against fraud and privacy abuses. It sues companies that infringe on consumer privacy or fail to safeguard customer data. For example:
- In 2015, LifeLock agreed to pay $100 million to settle a complaint by the FTC. The FTC found that LifeLock wasn’t adequately protecting users’ personal information.
- In 2014, the FTC charged three companies with deceptively offering free credit scores to consumers and later billing for recurring credit monitoring programs. The companies agreed to refund consumers to the tune of $22 million.
A few federal laws also protect consumers in the financial sector:
- The Gramm-Leach-Bliley Act. Financial institutions must state how they share consumer information, and they must take adequate measures to protect customers’ personal data.
- The Fair Credit Reporting Act. This act prevents reporting agencies from giving consumer information to those who don’t have valid need. Consumers are also given the power to opt out of prescreened credit card offers.
- The CAN-SPAM Act. CAN-SPAM rules how companies can collect and use email addresses and phone numbers.
Unlike the Credit CARD Act of 2009, which tackles abusive practices in the credit card industry, there isn’t one overarching piece of legislation governing consumer privacy. However, national privacy legislation is introduced from time to time, and many states have enacted their own privacy laws.
Credit card security measures and policies are constantly improving to meet the challenge of evolving fraudsters, so don’t be afraid to use your credit card responsibly.
Follow these basic safety measures to keep information safe and compare credit cards to find one that suits your spending needs.
Frequently asked questions
Pictures: Getty Images
Ask an Expert