Protect Your Credit Card from Sneaky Cyber Thieves
On Saturday, January 25, Michaels, the largest craft supply chain in the United States announced it is investigating whether its customers’ credit cards had been hacked while making purchases. If confirmed, it is the latest in a string of in-store credit card breaches.
Between November 29, 2013 and December 15, 2013, during the Black Friday shopping frenzy and peak Christmas shopping season, cyber thieves silently stole credit card and debit card information from as many as 40 million Target shoppers across the United States. An additional 70 million Target customers had personal information, such as email and phone numbers, stolen. As the nation’s third largest retailer, Target’s security lapse is not only embarrassing, it is expensive, and not just for Target. Target has arranged for affected customers to receive a free year of credit monitoring. Some banks reissued credit cards at a cost of up to $10 a card. (Time will tell if they sue Target to recoup those costs.) Millions of customers who shopped at Target in the weeks immediately following Thanksgiving are now inconvenienced by the need to monitor vigilantly their credit card statements. Some will have to fight fraudulent charges. Last week, a couple was arrested entering South Texas from Mexico with 96 fraudulent credit cards. What was not yet clear was whether those fraudulent cards were created with information stolen during the Target security breach.
The Target case is shocking because of the scope of the breach and the Grinch-like timing, but its customers were not the only recent victims. Between July 16, 2013 and October 30, 2013, credit card information was stolen from customers at Neiman Marcus the luxury department store. Earlier this month, Neiman Marcus increased its estimate of affected customers to 1.1 million.
The widespread breach of credit card security at major retailers and the pattern of credit card insecurity put the issue of credit card security front and center for customers, banks, retailers, and legislators. (A congressional hearing is scheduled in early February to discuss the issue.) The average American owns eight credit cards. Customers want to shop for Legos, electronics, milk and cereal, clothes, and craft supplies without fear that their credit card information will be stolen as they swipe. Do not be the next credit card target; discover how credit cards work, how new technologies can prevent cyber thieves from covertly stealing credit card information, and how you and your parents can protect your credit cards.
How Credit Cards Work
Because credit cards contain information that allows the user to access your bank accounts and to spend money in your name, it is important that they include security measures. Discover how credit cards are made, and the steps taken to protect your information. In the United States, account and personal information is coded onto the black magnetic strip on the back of a credit card. HowStuffWorks explains how that magnetic strip works and what information is coded on it. Then check your understanding of how magnetic strips work with a short quiz. The numbers pressed into the front of your card are not random; they share bank and customer information.
You are in a store and you see a blue fizzle bopper, the latest edition, and it must be yours. You swipe your credit card, and the magstrip on the back shares your account information. For 10 seconds you wait…and then you read “Authorized” and you know the new blue fizzle bopper is yours. In the seconds that pass between your swipe and the ”Authorized” message, a series of cyber communications occur between the customer (you), the merchant (store), the processor, the card company (Visa, Amex), and the card issuer (bank). Explore Creditcard.com’s interactive explanation of the four stages of a credit card transaction. Watch each of the four stages (in order) and then ‘view all.’
Neither the magnetic strips nor the transaction process are perfectly secure. The magnetic strip is especially vulnerable. Thieves use these security gaps to steal financial information. Diane Rehm explored the risks to credit cards on a recent show. Hear her guest, Shane Sims of PriceWaterhouseCoopers, explain how thieves use the mag stripes and transaction process to steal information. Listen from 3:30 to 7:00.
In the first video, you saw how a chip and PIN is inserted into credit cards. Although this technology has been used in Europe for years, it is not widely used in the United States. Some experts believe chip and PIN technology would drastically reduce the incidents of fraud in the United States. View SmartAlliance’s slideshow to learn what chip-enabled EMV credit cards are, why they are considered more secure, and when you can expect to see them in a wallet near you.
Revisit the Diane Rehm show and listen to Shane Sims, Mark Horwedel of the Merchant Advisory Group, and Doug Johnson of the American Bankers Association discuss the EMV cards and why they are more secure; this time play from 9:16 to 12:20. Learn more about the politics and the costs of switching to the EMV cards from Robin Slidell of the Wall Street Journal. Listen from 13:55 to 21:57.
The mag stripe may be American credit card users’ Achilles heel, but the news is not all bad. Doug Johnson of the American Bankers Association shares with Diane Rehm how customer protections help shield consumers from huge financial losses. Finally, PBS’ Newshour shares tips to protect your data. Of course, you can always use cash. Visit PracticalMoneySkills for ways to protect yourself against fraud.
As you read the local newspaper this week, turn to the financial pages. This is a section you may not read often. What events and issues are headline news? How are the data breaches being covered? What new information is available about the breach to Michaels customer data?
Congress plans to discuss this matter on February 4. Write a letter to your Congressmen this week and share with them your views about credit card security, EMV cards, or credit card fraud. You can find your Congressmen's contact information here.