How credit card security works

We hand over a lot of personal information to obtain credit cards. But is our information — and money — safe?

It’s understandable to be worried. From time to time, large companies lose customer data in major hacks:

  • In a well-publicized hack, Target lost card data from 40 million customers. A class-action lawsuit claimed that Target hadn’t implemented sufficient security measures to prevent the hack.
  • Malware infected Chipotle’s cash registers, allowing thieves to steal data from credit card magstripes.
  • InterContinental Hotels Group, which runs properties like Holiday Inn, had its own run-in with hacking. A data breach affected almost 1,200 of the company’s hotels, and many customers reported unauthorized charges on their credit cards.

Credit card fraud is a growing problem — it caused an estimated $24.71 billion in losses in 2016 alone. By 2020, it’s expected to cost $31.67 billion worldwide.

If you’re concerned about your credit card information, you’re not alone. Here’s what you should know about credit card security — and keeping your information safe.

Should I be worried about credit card fraud?

To get a credit card, you must first submit personal and financial information to a card provider. Your name, phone number, email address and residential address are a given. But you also have to divulge sensitive details about your employment information, total annual income and Social Security number.

We hand over this information without a second thought. But is it safe once we part with it?

Credit card securityDo credit card companies keep my information safe?

First, the good news: As of yet, there hasn’t been a significant data breach in a major credit card company.

According to a report by the US Government Accountability Office, large financial institutions adopt security measures that are “generally more sophisticated and harder to compromise.” Banks and credit card companies know it’s important for them to safeguard customers’ information and money. To that end, they’re constantly updating their security systems to guard against hacks.

However, it’s not impossible for a big financial player to be breached. Financial services giant JP Morgan was hacked in 2014, exposing the sensitive data of 76 million customers. Fortunately, it didn’t appear that passwords, birthdates or Social Security numbers were stolen. But hackers took countless phone numbers, addresses, names and email addresses — information that could be sold on black markets.

Even if your credit card company closely guards your data, there’s the chance that a merchant could lose your credit card information. Your own computer hardware could be hacked, and thieves could steal your credit card information at ATMs.

So it’s not just your bank’s job to keep your information safe. It’s a good idea for you to be vigilant as well.

How to guard against fraud

Credit card fraud doesn’t happen often, but it can be incredibly inconvenient when it strikes. According to payment systems provider ACI Worldwide, 46% of Americans have been victims of credit card fraud. Though financial institutions rarely lose customer data, it’s not out of the question for it to happen.

To protect yourself, implement these safeguards:

  • Be selective about who you give information to. Think twice before applying for services from little-known financial institutions. The big players may be more expensive, but they’re better prepared to safeguard your data. According to accounting firm Moss Adams, small banks are easier targets for hackers because they often have fewer resources.
  • Monitor your credit card transactions. Credit card providers have robust fraud departments, but you’re your own best defense. Regularly check your card’s transactions and alert your provider if you see anything fishy. It’s easy to get a replacement credit card, and you’ll rarely be on the hook for fraudulent transactions.
  • Be wary of unknown callers and phishing emails. Your financial institution will never call you asking for sensitive information. Also be suspicious of unexpected emails that seem to be from your bank or card provider. They may be sent from thieves attempting to steal your information.
  • Check your credit reports. Monitoring your credit reports can help you spot identity theft. You can get your report for free every year from AnnualCreditReport.com, which is authorized by the US government.
  • Initiate a “security freeze” with the major credit bureaus. If you set a security freeze, a credit bureau can’t release your credit report without your permission. This can stop identity thieves from opening new financial accounts in your name.

Your credit card spending isn’t private

Credit cards are incredibly convenient. The tradeoff for using them, however, is losing your financial anonymity.

This doesn’t mean everyone will know what you spend money on. But your card providers will: They’re regularly slicing and dicing your card use. They can see where you’ve used your card, and they’re constantly evaluating your creditworthiness based on your spending habits.

For example, if you’ve used your card at a casino or at bail-bond shops, your provider may consider you more likely to be in financial trouble. It could mark you as a riskier borrower who might default on payments. To protect its downside, your provider can possibly take preemptive measures, like lowering your credit limit.

Fortunately, your card company isn’t allowed to share your personal information with nonaffiliated third parties. But that doesn’t mean third parties don’t have ways of monitoring your spending. Google, for instance, claims it’s privy to 70% of credit and debit card transactions in the United States through its third-party partnerships.

The implication is clear: If you use credit cards, always assume someone’s monitoring your spending.

Credit card skimmers

Thieves steal credit card information in numerous ways, but one of the prominent is by using credit card skimmers.

Skimmers are small, nearly undetectable devices that criminals fit onto credit card machines to read and record your credit card data. For example, a skimmer can be placed over the card slot on an ATM and steal information from a card’s magstripe.

Credit card skimmers have proliferated in recent years, largely because skimmers have gotten more sophisticated. In the past, the bulkiness of a skimmer would give it away. Now they’re small and sleek, and it’s hard to tell when they’re installed.

Credit card skimmers guide

How a skimmer works

First, a thief installs a skimmer onto a credit card machine — like a store point-of-sale system or ATM. Typically, fraudsters will plant skimmers where they’re less likely to be caught doing so — outdoor ATMs and gas pumps are prime targets. They may also install hidden cameras or fake keypads to steal customers’ PINs.

After some time, the thieves will return to collect the skimmer. They’ll sell the information they’ve stolen, or even use it themselves.

Is it safe to use your credit card at an ATM?

Whenever you use an ATM, consider the possibility that a skimmer is installed. ATMs inside of a bank are less likely to have been tampered with. But if you’re using an ATM in an outdoor or little-trafficked area, the machine could be compromised.

If you must use an ATM that’s not monitored by cameras or bank personnel, make it a point to check your credit card transaction history for suspicious activity.

How to protect yourself from credit card skimmers

It’s difficult to detect all skimmers you could come across, and they’re only getting more sophisticated. However, you can minimize the risk of losing your credit card data to these devices.

  • Use ATMs attached to banks. These machines are more likely to be monitored, and they’re serviced more often than off-brand ATMs.
  • Regularly monitor your credit card transactions. You don’t have to wait for your statement before reviewing your transactions. Just sign in to your online account to see what’s charged to your credit card. If you’re vigilant about monitoring your card, you can catch fraud quickly.
  • Avoid ATMs that appear to have been tampered with. Especially with off-brand ATMs, don’t use a machine that looks suspicious, rundown or out of place. If buttons are hard to press or graphics are misaligned on the screen, take your card elsewhere.
  • Inspect hardware on ATMs. Don’t be afraid to pull at the card slot or test the machine’s keys before your transaction. A skimmer may be glued to a machine, and it could come off if you pull it.
How does a magstripe credit card work?

How is your data uploaded onto a tiny plastic card? The answer is your magnetic stripe. Your card’s magstripe contains a bunch of magnetic particles that are magnetized to store data.

When you swipe your card at a terminal, your transaction is sent to an acquiring bank or an acquirer. This is the organization that pays the merchant.

In turn, the acquirer gets paid by sending the transaction through a card network like Visa or Mastercard to an issuing bank — the institution that distributes credit cards to consumers. The issuing bank charges a commission on the transaction and then sends the remaining funds to the acquirer.

Luckily, you don’t have to worry about any of the behind-the-scenes processes. Just swipe your card and you’re done!

Security measures offered by your credit card

We’ve talked considerably about how credit card information can be stolen. Still, a credit card builds in defenses against fraud, and the financial industry is always developing better tools to combat fraudsters.

Security measures guide

Fraud monitoring

One of the reasons that card companies monitor your spending is to catch fraud.

Fraud costs banks money. To avoid losses, financial institutions develop technologies that automatically detect inconsistencies in customer spending. Uncovering these anomalies is how card companies catch fraud.

There’s more good news: You most likely won’t be liable if your credit card is used fraudulently. Many banks and card providers — especially large ones like Chase, Bank of America, Visa and Mastercard — offer “zero liability” protection for fraud. That means if your card is lost or stolen, you won’t have to pay anything. Even if you owe money for a fraudulent transaction, federal law mandates that you can only be charged a maximum of $50.

Overall, a credit card is an excellent way to pay because it offers great consumer protections against fraud.

Why your credit card has a chip?

Recently, your card provider may have sent you a new card with a shiny chip inside. If so, you’ve received a chip card — also known as an EMV card (EMV stands for Europay, Mastercard and Visa).

A chip card is relatively secure because it encrypts account information differently each time it’s used. In contrast, data is static on a magstripe card, which means it’s easier for criminals to extract. Skimmers are highly effective at collecting data from magstripes, but they’re less adept at foiling chip cards.

Chip cards have been widely adopted around the world, but only now is the United States following suit. The US is mostly adopting chip-and-signature cards, with which you sign your name to verify your identity.

Meanwhile, many other countries are using chip-and-PIN cards, which require you to enter a personal identification number. Chip-and-PIN cards are considered to be more secure, since there’s no signature to forge.

Maybe someday we’ll upgrade to chip-and-PIN cards too. Until then, we at least have a significant upgrade from magstripe cards.

Credit cards and online purchases

E-commerce is growing fast, but consumers still have security concerns about making purchases online. In fact, nearly two-thirds of consumers say online retailers aren’t doing enough to protect credit card and personal information.

The truth of the matter is that a credit card is one of the safest ways to make purchases online. As long as you’re using a trusted website and the online retailer encrypts your data, it’s safe to enter credit card information on the web.

Here are a few precautions you can take to use your credit card safely online:

  • Make sure you’re on the right website. It sounds elementary, but you can lose information by submitting credit card details in the wrong place. Take a quick glance at your browser’s URL bar to confirm the web address is correct.
  • Only input credit card information if the website URL starts with “https.” This means the data you send will be encrypted. If the website URL starts with “http,” cancel your transaction.
  • Use antivirus software on your computer and regularly scan your system. Your credit card data could be stolen by malware like keyloggers and screen recorders. Keep viruses and spyware off of your computer with a reputable antivirus provider like Kaspersky or Norton.
  • Don’t place orders on public Wi-Fi. Because public Wi-Fi is unsecured, it’s a prime target for hackers. Only input credit card information online when you’re on your secured home network.

Compare credit cards

Rates last updated September 25th, 2017
Name Product APR for Purchases ( Purchase Rate ) Intro APR for Balance Transfer Annual fee Product Description
Barclaycard Arrival Plus® World Elite Mastercard®
16.99%, 20.99% or 23.99% variable
0% Intro APR for 12 months (with whichever is greater: $5 or 3%% balance transfer fee)
$0 annual fee for the first year ($89 thereafter)
Enjoy 40000 bonus miles after you spend $3,000 on purchases in the first 90 days — that's enough to redeem for a $400 travel statement credit toward an eligible travel purchase.
Luxury Card Mastercard® Titanium Card™
15.99% variable
0% Intro APR for for the first 15 billing cycles (with 3% (minimum $5) of the amount of each transfer% balance transfer fee)
$195 ($95 for each Authorized User added to the account)
Enjoy unique excursions, privileged access to exclusive events and insider opportunities.
Indigo® Platinum MasterCard®
23.9% variable
$75 annual fee for the first year ($0 to $99 thereafter)
With this card you get a 23.9% variable APR.
Credit One Bank® Platinum Visa®
16.99% to 24.99% variable
$0 to $75 first year annual fee for the first year ($0 to $99 thereafter)
Good credit not necessary. Rebuild and grow your score with this card.
Credit One Bank® Unsecured Visa® for Rebuilding Credit
16.99% to 24.99% variable
$0 to $99
A tool for rebuilding your credit.
First Access Visa Card
29.99% variable
$75.00 for first year. After that, $48.00 annually.
The First Access Card is a true VISA® credit card that does not require perfect credit for approval. Complete our easy online application now and get a response in as little as 60 seconds!
Simmons Bank Visa® Platinum
8.25% variable
$0
The Simmons Bank Visa® Platinum Card offers multiple perks, including one of the lowest available APRs on the market.
Credit One Bank® Cash Back Credit Card
16.99% to 24.99% variable
$0 to $75 first year annual fee for the first year ($0 to $99 thereafter)
Reward spending while boosting your credit score and earn 1% cash back on all eligible purchases.
Simmons Bank Visa® Platinum Rewards
10.25% variable
$0
Excellent Credit Required - Applicants that do not have excellent credit will not be approved

Compare up to 4 providers

Rates last updated September 25th, 2017
Name Product Product Description APR for Purchases ( Purchase Rate ) Annual fee Interest Free Period
First Progress Platinum Elite MasterCard® Secured
With just a security deposit and 19.99% variable APR, start building or rebuilding your credit history.
19.99% variable
$29
Up to 25 days
OpenSky® Secured Visa® Credit Card
A secured Visa® credit card that helps you build your credit quickly.
18.39% variable
$35
Up to 25 days
UNITY Visa Secured Credit Card
Borrow up to $10000 and get your credit score back on track.
17.99%
$39
Up to 25 days
Applied Bank Secured Visa Gold Preferred Credit Card
This secured card can help you rebuild your credit with an initial deposit of $200 to $1,000.
9.99%
$48
0 interest free days
First Platinum Prestige MasterCard® Secured Credit Card
You can increase your credit limit once adding funds to the initial deposit.
9.99% variable
$49
Up to 25 days
primor® Secured Mastercard® Gold Card
Low fixed interest rates with no penalty rate.
9.99% Fixed
$49
Up to 25 days
primor® Secured Mastercard® Classic Card
Have little or poor credit? The primor® Secured Mastercard® Classic has no minimum credit score requirements and no processing or application fees to worry about.
13.99% Fixed
$39
Up to 25 days
TCF Bank Secured Visa® Card
Get the credit card that helps you to start fresh by helping build or rebuild credit.
20.99% variable
$25
Up to 21 days
primor® Secured Visa Classic Card
Credit lines available from $200 to $5,000! You decide where you want to start and open your Personal Savings Deposit Account to secure your line.
13.99% Fixed
$39
Up to 25 days

Compare up to 4 providers

Rates last updated September 25th, 2017
Name Product APR for Purchases ( Purchase Rate ) Annual fee Product Description
Target REDcard Credit Card
23.90% variable
$0
A no annual fee credit card and discounts when you shop at Target.
Fingerhut Credit Account
25.90% variable
$0
The Fingerhut Credit Account is store-specific, and used to finance purchases made from Fingerhut.com or Fingerhut FreshStart’s catalogue.
Fingerhut Advantage Revolving credit account
25.90% variable
$0
Helps you keep building your credit as you buy great name brand products.
Fingerhut FreshStart® credit account
25.90% variable
$0
Get instant access to purchase items in the Fingerhut store with no overlimit fees.
Horizon Gold Card
0%
Get a 500 credit limit to make purchases on the Horizon Outlet website.
NetFirst Platinum
0%
Looking for the best card? You can have it while you build your credit with Horizon Card Services. Get an unsecured line of credit and the best customer service!
Luxe Signature Card
0%
$0
For purchases on HuttonChase.com with a maximum credit limit of $1500.00.
Next Millennium Card
0%
Shop the items you need at myuniqueoutlet.com with up to a $1000 credit.
Emporium Card
Varies by balance. See website for details*
$0
Get a $300 to $5000 instantly to shop 100,000+ items at Emporium.
WALMART® credit card
23.90% variable
$0
Overstock Store Credit Card
27.74% variable
$0
6, 12, 18, and 24-month financing options available and special promotions just for cardmembers.

Compare up to 4 providers

Are credit cards still more secure than carrying cash?

With concern about fraud when using a credit card, is cash a better option? There are pros and cons to each — but for safeguarding your money, credit cards has the edge.

Both cards and cash can be stolen, but you’re unlikely to recover cash once it’s gone. On the other hand, you can quickly replace a stolen card. It’s also unlikely that you’ll lose money from a stolen credit card, because you probably won’t have to pay for fraudulent transactions.

For safeguarding your information, cash is the hands-down winner. To get a credit card, you have to submit personal information like your Social Security number and contact details. If your card data is stolen, your information could be sold. Meanwhile, cash transactions can’t be traced to you.

Overall, credit cards are better at safeguarding your money. Just remember that you’ll give up some privacy to use them.

General tips for using your credit card securely

  • Carefully examine your monthly card statement. If you don’t recognize any charges, notify your card provider. This is one of the best ways to protect yourself against fraud.
  • Sign your card. Merchants are supposed to match your signature to what you sign on your receipt. Merchants don’t always do this, of course, but signing your card can give you important protections from your card provider, such as zero-liability guarantees.
  • Be careful with your receipts. Never leave a receipt behind at an ATM or a store counter, and shred them before tossing.
  • Carefully examine your monthly card statement. If you don’t recognize a charge, notify your card provider.
  • Only give your credit card number over the phone if you’re the one calling. You may need to input your card number if you’re calling customer support, but your bank will never call asking for your card information.
  • Know which phone number to call if you have problems with your card. If your card is lost or stolen, have a phone number on hand to cancel the card immediately. The sooner you cancel, the less time a thief has to use your card.

How the government protects consumer privacy

The Federal Trade Commission (FTC) is the primary government agency that protects consumers against fraud and privacy abuses. It sues companies that infringe on consumer privacy or fail to safeguard customer data. For example:

  • In 2015, LifeLock agreed to pay $100 million to settle a complaint by the FTC. The FTC found that LifeLock wasn’t adequately protecting users’ personal information.
  • In 2014, the FTC charged three companies with deceptively offering free credit scores to consumers and later billing for recurring credit monitoring programs. The companies agreed to refund consumers to the tune of $22 million.

A few federal laws also protect consumers in the financial sector:

  • The Gramm-Leach-Bliley Act. Financial institutions must state how they share consumer information, and they must take adequate measures to protect customers’ personal data.
  • The Fair Credit Reporting Act. This act brs reporting agencies from giving consumer information to those who don’t have valid need. Consumers are also given the power to opt out of prescreened credit card offers.
  • The CAN-SPAM Act. CAN-SPAM rules how companies can collect and use email addresses and phone numbers.

Unlike the Credit CARD Act of 2009, which tackles abusive practices in the credit card industry, there isn’t one overarching piece of legislation governing consumer privacy. However, national privacy legislation is introduced from time to time, and many states have enacted their own privacy laws.

Common questions about credit card security

Contact your credit card provider immediately and cancel your card. At that time, you can request a replacement card.

Unfortunately, no. Your card issuer will monitor your transactions, in part to combat fraud. It’s not ideal for privacy, but it could be a price worth paying for convenience.

Your PIN is your personal identification number that validates you as an authorized user of your card. If you forgot your PIN or want to change it, contact your financial institution or card provider.

Was this content helpful to you? No  Yes

Ask an Expert

You are about to post a question on finder.com:

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • finder.com is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, read the PDS or seek advice before you decide to act on our content. By submitting a question, you're accepting our Terms and Conditions and our Privacy Policy.

US Credit Card Offers

Learn about our information service
Luxury Card Mastercard® Gold Card™
Luxury Card Mastercard® Gold Card™

APR

15.99
variable

Annual fee

0 For the first year
More info
First Access Visa Card
First Access Visa Card

APR

29.99
variable

Annual fee

75 For the first year
More info
Indigo® Platinum MasterCard®
Indigo® Platinum MasterCard®

APR

23.9
variable

Annual fee

75 For the first year
More info
Barclaycard Ring™ Mastercard®
Barclaycard Ring™ Mastercard®

APR

13.99
variable

Annual fee

0 For the first year
More info
feedback