Categories
Payment cards Technology & business

Payment card theft

Seems every day there are new reports of payment and credit card theft. Explore how payment card theft happens, and how to protect yourself.

” Florida Tackles Gas-Pump Skimmers ” [CSP Daily]

” Florida gas pump thefts rise as credit-card skimmers get more savvy ” [Orlando Sentinel]

” Men from Florida charged with using stolen credit card numbers ” [WHNT]

Seems every day there are new reports of payment and credit card theft.  Lest one consider these news reports as overhyped, read the statistics: In 2016 alone, fraud losses topped $16 Million. Nearly 50% of us in North America have been a victim of payment card fraud.  Of those who have been defrauded nearly 2/3rds lost money in the process.  That means, if you have not experienced payment card fraud, statistics say your neighbor has.

This paper will explore payment card theft techniques, then make a case on how to protect yourself from payment card theft, and finally provide a few interesting statistics and quotes related to payment cards.

1. Payment card theft techniques

In order to understand how to protect yourself from payment card theft, first consider a few ways card information is compromised.   

Data breaches

Pixabay - Data breaches are never as beautiful as this humpback whale breaching
Pixabay – Data breaches are never as beautiful as this humpback whale breaching

The most newsworthy payment card theft is data breaches, with retailers such as Target, Home Depot, Whole Foods, Delta, and Best Buy being recent targets where their customers were the victims.

Skimming/shimming

Skimming
Skimming

A less impactful but equally common situation is payment card skimming/shimming.  In this malevolent technique, the bad actor places a secondary reader over the existing point of sale terminal that captures individual (per transaction) payment card track information and uses that information to replicate the cards.

Online interception

A similar “skimming” technique happens with online merchants, where a bad actor intercepts credit card information in transit to the merchant.

Physical interception

Physical interception of the card itself is another technique.  In this process, the bad actor steals the payment card information during the point of sale transaction, such as a cashier or restaurant worker making a copy of the card information before returning it to the owner.

2. How to avoid being a victim

Now that you know some of the basic methods of payment card theft, let’s consider how to avoid being a victim.  Here are a few ideas:

Real time alerts

Pixabay - real time alerts
Pixabay – real time alerts

Add real time alerts on cards and bank accounts!  While this will not prevent the “very first” transaction, you will quickly know someone is using your payment cards.  If unexpected transactions come through, quickly call your credit card company.

Reconcile payment card bills

Check your transactions!  Reconcile your transactions weekly or monthly, so you know the charges against your accounts.

Use credit cards

Use credit cards if possible!  Avoid using debit cards for retail and online transactions.  Be sure to understand your liabilities in either case.  With most credit cards, the consumer is not liable for fraudulent activity if the issuer is notified quickly.  With debit cards, fraudulent activity loss is normally capped at no more than $50 if the issuer is notified quickly.  However, if a thief controls a debit card attached to your checking account, your funds could be (at least temporarily) depleted.  The problem is that while the bank is likely to replenish the losses, if you need that money to clear checks before being restored, you may wind up overdrawn or having checked returned with non-sufficient funds (known as NSF).  The bank may reimburse their own overdrawn fees, but the merchants you have paid may not be as forgiving.

Be alert!

Most of all be alert!  Look for skimmers at point of sale transactions, and look for HTTPS leading the web address with online transactions.  In general, look for signs of trouble.  Use higher traffic machines if possible, since more people will have had the opportunity of identifying “not so right” situations.  If you have nagging questions about a physical machine or an online merchant, “just say no” and find a different merchant.  Remember, security starts with you.

3. Did you know?

  • Only 10% of the words currency is physical money.  The rest exists on computers!
  • Electronic payment company ACI Worldwide estimates that 46% of Americans have had their card information compromised at some point in the past 5 years.
  • The U.S. adopted EMV in 2015, a technology that makes counterfeiting cards more difficult.  While EMV helps with reducing in-store fraud, it does not help online fraud.  In addition, with the difficulty in counterfeiting cards, fraudsters now target new accounts (as opposed to existing accounts).  By the end of 2015, there was a 113% increase in new account fraud, which accounted for 20% of all fraud losses.
  • In 65% of fraud cases, credit card fraud results in a direct or indirect financial loss for the victim.
  • Florida tops the list of Federal Trade Commission fraud reports, with over 300,000 fraud complaints filed in 2015 alone.
  • Credit card fraud losses topped $24.71 billion in 2016 according to The Nilson Report, a 12% increase over the previous year.
  • There is a new identity theft victim every two seconds according to a report from Javelin Strategy, and many of the incidents involve credit cards.
  • Almost half of the world’s credit card fraud (47%) happens here in the United States according to a report from Barclays.

References

  1. Payment Card Industry Security Standards Institute,
    https://www.pcisecuritystandards.org/
  2. PCI DSS Quick Reference Guide,
    https://www.pcisecuritystandards.org/documents/PCI%20SSC%20Quick%20Reference%20Guide.pdf
  3. “Florida Tackles Gas-Pump Skimmers”,
    https://www.cspdailynews.com/fuels/florida-tackles-gas-pump-skimmers
  4. “Florida gas pump thefts rise as credit-card skimmers get more savvy”,
    https://www.orlandosentinel.com/business/os-bz-credit-card-skimmers-20181108-story.html
  5. “Men from Florida charged with using stolen credit card numbers in Huntsville area”,
    https://whnt.com/2019/03/11/men-from-miami-charged-with-using-stolen-credit-card-numbers-in-huntsville-area/

Leave a Reply