EMV chip credit cards made their widespread debut this year, but that doesn’t mean your credit cards and debit cards are impervious to fraud. In fact, the chips are only truly effective if you use them for in-store transactions. Their security code changes every time you dip one, so thieves using skimming devices at registers can’t get all the information they would need to create a counterfeit copy. This protection, however, is negated when you shop online and input all your account information into a checkout page.
Given this caveat, you may want to take a few extra steps to protect your card numbers while shopping the Web. For starters, “don’t click on links that are supposedly promotions, especially from retailers that have been breached,” said Adam Levin, author of a new book on identity theft, Swiped, and chairman and co-founder of Credit.com. These links “could take you to a clone site,” he said. Once there, thieves will attempt to get your payment or personal information or, alternately, clicking could download malware onto your computer that does the same thing.
Levin also suggests avoiding debit cards when it comes time to do your online shopping. That’s because credit cards typically carry stronger fraud protections than their debit counterparts, thanks to differences in the federal laws that regulate both payment options. Here are some other ways to safeguard your card data.
- Shop only on encrypted sites. You can tell a site is encrypted by a “https” in the browser. Be similarly wary of shopping on public Wi-Fi networks.
- Refrain from auto-saving passwords or storing card numbers in online or mobile accounts you open with retailers and/or financial institutions. You may also want to designate one card to be the one you use online to minimize the odds of having to replace a bunch of cards, should multiple breaches occur.
- Use “long and strong” passwords to protect all of your accounts, Levin said. These types of passwords use both upper- and lowercase letters, and are at least 10 characters. You should also avoid using the same password to protect multiple sites or accounts.
- “Look into virtual card numbers,” Levin said. Some banks and credit card issuers give their cardholders the option to create one-time, disposable card numbers to increase security while shopping online.
Not a Fail-Safe
Remember, even when you take the proper precautions, there’s no guarantee your credit card or debit card information won’t fall into the wrong hands. (And if a thief has your actual chip card, it can be used until it is reported lost or stolen.) That’s why it’s still important to monitor your account regularly for unauthorized charges. “You can also sign up for transactional alerts,” Levin said. Many financial institutions will email or text cardholders when card-not-present charges are made, if they ask to be notified. If you spot any unfamiliar charges, it’s in your best interest to report the fraud immediately to minimize the odds of being held liable and to have the card replaced.
And, if you’re ever given reason to believe that your personal information was compromised, you should monitor your credit for signs your identity has been stolen. (You can pull your credit reports for free each year at AnnualCreditReport.com and see your free credit report card each month on Credit.com.) If you are a victim of identity theft, you can notify the local authorities, file a compliant with the Federal Trade Commission and contract your creditors and the three major credit bureaus to dispute the fraudulent activity appearing on your credit report.
More on Identity Theft:
- Identity Theft: What You Need to Know
- How Can You Tell If Your Identity Has Been Stolen?
- What Should I Do If I’m a Victim of Identity Theft?