Feb. 24, 2014
CBS News - In the new reality of surging payment card fraud and identity theft, consumers aren't always up to the task of fighting thieves.
About 90 percent of consumers either fail to check their payment card statements or only skim them, which means many victims fail to catch fraudulent charges on a timely basis, said Yaron Samid, the chief executive of BillGuard, citing research his company conducted.
"People really need to wake up to the reality that data breaches are the new norm," Samid said. "There's no technological substitute for carefully reviewing your debit and credit card statements regularly."
Consumers might not be faulted for wondering if fighting fraud is a losing proposition, given Target's massive breach and subsequent disclosures of hacks from the likes of Neiman Marcus and Michaels, But security experts caution that consumers need to view themselves as part of the solution and take steps at home to prevent thieves from accessing their data or payment card information.
While consumers aren't liable for most fraudulent credit card charges, there are some caveats: If a victim doesn't report unauthorized charges until after two days have passed, she has a $50 liability. But debit cards are trickier, with customers liable for up to $500 if more than two days have passed, according to the U.S. Federal Trade Commission. Even worse, debit card users are liable for all losses in their debit card accounts if more than 60 calendar days have passed.
"The biggest thing to do is to be diligent about tracking your card and to set fraud alerts," said John Pironti, risk advisor with ISACA, an IT and information security association, and president of IP Architects. "Almost all card issuers can put alerts on spending and transactions, so you'll get text messages if a purchase is outside of the norm."
That means that a customer who never spends more than $100 could ask to be alerted by text message if a transaction larger than that turns up on his card, for example.
What's driving the recent rise in data breaches? Some of the problem lies in America's outdated credit card system. Most issuers use magnetic-stripe cards, instead of the "chip and PIN" cards favored in Europe, which are harder to hack.
"The magnetic strip technology is from the 1970s, and our adversaries are not using tech from the 1970s," Pironti notes.
Below are five steps for protecting yourself and your payment cards, gleaned from three security experts interviewed by CBS MoneyWatch:
1. Check your payment card and bank accounts regularly by going online to check for unusual activity.
2. Set up transaction alerts that will provide warnings about unusual activity, such as large transactions.
3. Limit your disclosure of personal information on social-media sites.
4. Avoid situations where your credit-card is taken out of view.
5. Don't click on links in suspicious emails, especially if the email asks for personal or card information.