April 11th, 2014
Jenna here. This week produced a lot of cyber security and identity theft news. Here are a few of our favorite articles (and a video) from this week.
The Truth About Using Debit vs. Credit, USA Money
If you are unable to see the video, click here to watch: http://www.usatoday.com/story/tech/columnist/komando/2014/04/11/4-places-you-should-not-swipe-your-debit-card/7436229/
Why U.S. Retailers Are Still Vulnerable to Card Fraud, Bloomberg Businessweek
February 25th, 2014
Aaron here, AllClear ID Investigator. Getting a letter from a creditor explaining that your credit card information may have been compromised in a data breach can be very upsetting. Recent high-profile breaches have caused greater concern about debit and credit card fraud, and more people are asking “What should I do if this happens to me?”
What to Do
Credit card fraud can be a headache to deal with, but there are some simple steps to make it less so. Most people who have credit card fraud have to wait until the charge gets out of the pending stage and posts to the account to dispute all charges with the credit card company. Depending on the amount of the loss, the bank may also require an FTC affidavit or a police report before they will clear you of the fraud. This process can take a good amount of time.
If by chance you find you are affected by a breach like this, here are some tips that will help you in dealing with it:
First off, don’t panic and get as much information as you can about the breach. Next:
• Contact the issuer of any cards which may have been affected and let them know what’s happened. See if they have any options for added security on the card or, as we usually suggest, just request that they replace it with a new card and new number. This will help prevent fraudulent charges in the future.
• If you find that you already have fraudulent transactions at the time of the notice, contact the credit card issuer and let them know what charges are not yours and request they initiate the dispute process. This should include them automatically shutting down that card and replacing it with a new one.
• Remain calm and follow instructions provided by the creditor. Their dispute process should reimburse you fully for fraudulent transactions.
As a credit card holder, you have the right to contact the credit issuer and ask to set up increased security measures for that credit card regardless of whether your information has been breached or not. Most offer some sort of security measure ranging from setting passwords to ensure no one can call in and change info on your account without it, to having someone from the security department of the bank contact you about any suspicious charges to make sure they are legitimate. For more information on what type of security features your credit card company offers, contact the customer service department of the financial institution that issues your card.
And, as always, if you have experienced fraud or simply wish to ask for questions or guidance you can always reach out to the team here at AllClear ID via Facebook, Twitter, Support@AllClearID.com, or via phone (855) 434-8077.
February 7th, 2014
Juan here, AllClear ID Investigator.
Skimmers: You might have been affected by one already. I know I have, and help many people each week who have fallen victim.
A skimmer is a device that can be affixed to an ATM, gas pump, or any other credit card reader. Its purpose is to store or transmit the card data, sometimes including a PIN. It is, without a doubt, a problem across the nation. If you are ever wondering how it is that your credit card number was compromised, or how an account was charged while you are still in possession of the card, it is likely the card number was skimmed.
These machines are very hard to detect, and, as you can see, serve only one purpose – to intercept card data. One would think that this kind of device is illegal, but, it is not – well, at least not everywhere. (Yet?)
In an attempt to crack down on credit card skimming, Michigan has now made it illegal to sell, buy, or use a skimmer. Violating the law carries a felony punishment of up to five years in prison and a $100,000 fine. Unlike most items that go to the legislature, this one received unanimous support.
I can only hope that this becomes a model law for other states. As it is, continue to look out for skimmers and check your credit card statements and credit report for any unauthorized charges.
February 6th, 2014
Jackie here. Do you check your credit card statement each month? If not, you are just the type of victim the scammers in this new scam are looking for. Check your statements carefully (monthly at least, but more often if you can) and be on the lookout for any charges you didn’t authorize—even small ones.
In this new scam small charges are appearing on credit card statements that appear to originate from an unknown website. Victims of this scam that notice the false charges often visit the listed website for more information. They are directed to a customer service page with a call in number. Upon contacting the company they are promised a full refund (which probably won’t occur). In recent versions of the scam, the reported charges are $9.84, but this is likely to change as more people learn about the scam.
The scammers are preying on the fact that few people check their bank statements. They assume that most people won’t bother to contest (or even notice) such a small charge. The amount taken might appear small, but even small amounts taken from many people can add up to big dollars for the scammers.
How to Protect Yourself
The easiest way to protect yourself from this scam and other similar ones is to check your credit card information often. Write down the purchases you make and compare them with the amounts charged on your card to ensure they match. Report any discrepancies to your credit card company. In most instances you are you are legally entitled to fraud protections should your card be compromised, provided you report the problem quickly.
In addition to watching your statement, be aware that this scam is going around. If you do see a charge from an unknown company, contact your credit card company, not the company in question. Request a new card, even if you’ve been assured the false charge has been cancelled.
Learn more about this scam here.
January 29th, 2014
Jenna here. Our favorite articles for this week are here (finally). We have expert tips about how to boost the security of your payment cards in simple ways, as well as information about how the NSA might be using a favorite phone app to gather more information about you. Enjoy!
How to Boost Security of Your Payment Cards, USA Today
A Little (Angry) Bird Told the NSA What You’re Up To, ABC News
January 20th, 2014
Robert Siciliano, Identity Theft Expert
America the Superpower is also the super choice for criminals wanting to steal credit card information. Security experts warn that this problem will get worse before it improves.
That ancient technology of the magnetic strip on the back of credit and debit cards is a godsend to criminals. The easy-to-copy band stores account information using a technology the same as that of cassette tapes. U.S. credit card technology has not kept up with fraudsters. One challenge facing the industry is that it is very expensive for companies to upgrade their credit card security.
When a card is swiped, the strip allows communication between the retailer’s bank and the customer’s bank: 1.4 seconds. That’s enough time for the network to record the cardholder’s information on computers controlled by the payment processing companies.
Hackers can snatch account data (including security codes) as it crosses the network or steal it from databases. Though the security code is required for most online purchases, thieves don’t care as long as the magnetic strips are easily reproducible and placed on fake cards—which they then use for purchases or sell the card data online. Three bucks will get you a fraudulent card with limited customer information and a low balance.
You’ll have to wait at least until the fall of 2015 for U.S. credit card companies to ditch the magnetic strips for digital chips. Retailers want more: each transaction to require a PIN rather than signature.
What can retailers do in the meantime?
- Internet-based payment systems should be protected from hackers with strong firewalls.
- Data should be encrypted, so that hackers see gibberish.
This may be easier said than done, because implementing these safeguards isn’t cheap. The U.S. lags behind most other nations when it comes to credit and debit cards; most countries’ cards use the digital chips that contain account information.
Every time the card is used, the chip generates a code that’s unique. This makes it a lot harder for criminals to duplicate the cards—so difficult, in fact, that usually they don’t even bother trying to replicate them. It would really be great if the U.S. could catch on to this technology.
Robert Siciliano is an Identity Theft Expert to AllClear ID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.
November 22nd, 2013
Tamara here, AllClear ID Investigator. Visa has announced that it has enhanced its Advanced Authorization (VAA) technology to help detect and prevent possible electronic payments fraud.
Visa Advanced Authorization (VAA) is a risk management tool related to payment processing. It monitors and assesses the authorization request based on a number of different factors, including account data and event data. It then populates a message (a VisaNet authorization message) that includes a Risk Score and a Compound Account Risk Condition Code. The Risk Score indicates the chances the transaction itself is fraud, and the Compound Account Risk Condition Code assesses unusual activity and assigns a risk evaluator.
About the Improvements to VAA
Improvements to the VAA are numerous. One such improvement is to the specific account profile. Visa has added more transactional history data, along with the additional neural networks to analyze that data. Improving the account profile, a major component in calculating the Risk Score, greatly improves the accuracy of detecting fraud in debit and credit transactions, both in person and online (or any other place where the card is not present during the transaction).
In addition to improving the account profile, Visa has increased the risk indicators for the Automated Fuel Dispensers (AFD) transactions. When Visa detects suspicious activity at a specific gas station, it applies the risk indicators to each transaction processed at that station. It also applies the account activity at AFDs compared to the account’s legitimate trending in the risk score determination. Implementing these improvements are effective in fraud detection of transactions for both consumer, commercial, in person, and card not present transactions.
As Mark Nelsen, Head of Risk and Authentication Products, Visa Inc., states, “Cardholders, merchants, and issuers all want to have confidence in the convenience and the security of every Visa transaction. The great improvements we’ve made in Advanced Authorization this year were designed to do just that: fight fraud and its costs to financial institutions and merchants, while also ensuring legitimate transactions are handled with the speed and convenience that consumers and merchants want.”
For consumers, changes to this system could mean increased security and a lower chance of payment fraud, but we will have to wait and see to what degree these changes help.
September 30th, 2013
Christy here, AllClear ID Investigator. An unfortunate truth these days is that almost everyone is aware of the real threat of identity theft in its many forms, especially takeover of existing accounts. But how many of us are clear on why the credit card company isn’t responsible, and why the consumer cannot take legal action against the creditor for identity theft damages? There are a few logical theories, however, the main reason is in the fine print of the agreement signed when you opened the account. Many credit card contracts contain a mandatory arbitration provision which states that your consent to opening the credit card waives your right to a jury trial should disputes arise. Basically, any issues/disputes have to be settled through arbitration, for which the creditor selects and hires the arbitrator. A loss on the consumer side may result in the consumer paying those arbitrator fees.
All of this being said, there are beneficial clauses in the agreement a consumer signs when opening a credit card. The biggest one is that, under the Consumer Credit Protection Act, a consumer is not liable for more than $50 of unauthorized charges. Also, the consumer is not liable for any additional charges that occur after they have reported a card stolen or compromised. As for the fee, many times the issuer will waive the $50, though this is a decision completely owned by them. If the credit card number, but not the card itself, is stolen you are not typically held liable for any unauthorized use.
As you can see, the agreement signed upon issuing a credit card is something that is there to protect both the issuer and the consumer. As for detecting any unauthorized activity, the best thing anyone can do is be vigilant about monitoring your statements, shredding sensitive documents, and being wary of suspicious links or card readers. Some credit issuers have additional services they offer for monitoring your account, however the availability (and cost, or lack of) will vary from creditor to creditor.
August 16th, 2013
Jackie here. On a recent trip to the grocery store I pulled out my credit card to pay for groceries, only to have it declined. It was quite embarrassing. Luckily, I had another card on hand and was able to make my purchase. I left the store and immediately called the bank to see what was happening. They told me a fraud alert had been placed on my card. After I answered a few questions, the hold was removed and my card was back in working order. But, a question remained: what triggers a fraud alert on your credit card?
Potential Triggers for a Credit Card Freeze
Credit card companies want to minimize fraud and reduce the amount lost if a credit card is stolen. They have developed complex processes to identify potentially compromised cards. While many factors can lead to a freeze on your card, there are a few red flags that card companies may be watching out for. Check out a couple of interesting articles on the topic here and here.
Gas Station Purchases
I buy gas with my credit card all of the time, but surprisingly this can be a trigger for a fraud alert on your card. Thieves often test cards to see if they are working by making a small purchase or by filling up at a gas station. Gas stations are a great place to make a test purchase since you can usually pay at the pump without ever having to show id or even talk with an employee. If buying gas always resulted in a fraud alert, no one would use their cards to fill up; alerts are more likely when getting gas in a different part of town or in a different city than usual.
Shopping in a Fraud Prone Area
Making purchases in a known fraud area can be another red flag for your credit card company, especially if the purchases are for large dollar amounts or on merchandise that is easily resold (think electronics, gold, jewelry, etc.).
Using the Card to Get Cash
Getting cash with a credit card (or buying gift cards and other similar items) can be a potential sign of fraud to your bank. ID thieves are often after financial gain, and taking out cash directly eliminates the need for them to use the stolen card to buy items, and then resell those items for cash.
If your card is being used to make purchases across the country or around the globe, it might be flagged for fraud. This often leads to vacationers or frequent business travelers getting the unfortunate surprise of a card that won’t work. To eliminate this flag for legitimate transactions, call your bank and let them know the dates and location of your vacation before you leave.
Changes in Purchasing Patterns
Most people are pretty consistent in their spending habits. They shop in the same areas, buy the same type of things, etc. Changes to this pattern can trigger a fraud alert. Since your credit card company has an extensive history of your purchasing habits, they know the type of things that you are likely (or not likely) to buy.
Fraud holds on legitimate transactions might be irritating, especially when there is a fairly long list of triggers banks use to detect fraud. However, these fraud holds are often the first warning sign of id theft and credit card fraud that many consumers receive.
August 12th, 2013
Jackie here. We’ve been talking a lot about “Big Data” lately and I have to admit it makes me feel a little paranoid. When I swipe my credit card at the grocery store or make a purchase online I can’t help but wonder what information merchants are collecting and sharing about me. While there is probably no way to fully escape the big data trend, there are some ways to incorporate more anonymous spending into your daily routine, if you are looking to get away from the trend of companies tracking your purchase history. Let’s take a look at some of the benefits of purchasing anonymously.
What Are the Benefits of Purchasing Anonymously?
This article by Forbes provides some interesting insight into the benefits of making anonymous purchases. Check it out if you have the time. Some of the benefits of anonymous purchasing include:
- Avoid Marketing for Purchases- Card companies monitor and record each and every purchase you make. This information is often sold to marketers who may send you targeted advertisements based on your purchasing patterns. By using an anonymous card, you may be able to avoid much of this targeted advertising.
- Keep Information Out of “Big Data’s” Hands- We’ve talked quite a bit about the dangers of sharing too much information. By using an anonymous credit card you limit the information you share with data companies. This may be a helpful way to cut down on the amount of information about you that is available to data brokerage firms and advertisers.
- Avoid Fraud- Many people use anonymous cards to protect their bank accounts from unauthorized purchases and credit card fraud. With a prepaid card, the amount you could potentially lose is limited to the amount on the card, whereas with a bank account you could lose everything. This gets a bit tricky though when you factor in the fraud protections available to you. Regular credit cards and debit cards have limited consumer liability if the card is used fraudulentl. With prepaid cards, the protections are much weaker.
- Don’t Ruin the Surprise- When you share accounts with a spouse or significant other it can be hard to buy gifts. Your partner often knows exactly what you’ve purchased from online records. Anonymous cards can help you buy a surprise that will actually stay a surprise.
Do you use anonymous cards? What are your reasons?
July 29th, 2013
Jackie here. As I’ve grown older, I’ve stopped using the credit cards I’d gotten as a teenager and started using cards with higher limits, rewards, and lower interest rates. My old cards are simply put away, the accounts still open but forgotten. These credit cards are at risk for compromise, just like the other cards I use. Don’t think that a dormant credit card can’t be used by id thieves.
One employee at a credit card company started creating new cards for dormant accounts. She would then provide these cards to accomplices to rack up charges on the stolen account numbers. In this particular instance, the cards were used to buy construction materials which were then either used or sold. In total, more than half a million dollars was stolen, all from dormant credit card accounts.
This story is an excellent reminder to not forget about those old or rarely used cards. Make sure you regularly check the statements for all your credit cards, even those you don’t use often. If you have many dormant cards, you may want to consider closing some of the accounts entirely, and consolidating the number of credit cards you have in your name. In fact, dormant cards might be more appealing to id thieves since the accounts are often not monitored and the theft may take longer to discover. Finding the signs of compromise early on is essential and makes it easier to resolve id theft. You can find a list of all the credit cards in your name on your credit report.
Check out the full news story here.
June 21st, 2013
Jackie here. What will the credit card industry look like in a few years? I recently stumbled across this article about the future of credit cards that got me thinking about the future of id theft in relation to credit cards. While only time will tell where we will be in a few years, it is interesting to consider some of the changes that may soon be coming our way.
Credit Cards and Big Data
Your credit card company knows a lot about you. They know where you spend your money, what you buy, and how much you make. To earn extra profits, credit card companies may start tracking and using this information to provide relevant offers. I know that some of my banks currently include small advertisements in my online statements directing me to savings if I make a purchase from select companies. For example, if I make a purchase at a hardware store, I may later see an ad offering 5% savings if I purchase from their competitor the next time around.
Increased Mobile Offerings
Credit card companies may also increase their mobile offerings. The article I read mentioned offering deals to mobile customers on the go, but other potential arenas for mobile expansion include mobile payments and other apps that can make banking, budgeting, and finances easier to manage on the go.
Less Junk Mail
Advertising isn’t going to stop, but odds are we’ll see changes in the ways companies reach out to their customers. Junk mail will probably decline, while social media marketing is likely to increase. Other forms of online media are important as well, including blogs, websites, etc.
Identity Theft Still a Problem
As the industry integrates new strategies into their operations, credit cards will remain a target for id thieves. Understanding your rights as a cardholder, knowing what legal protections you have and being smart about the way you access your accounts online can help keep you safe.
Keeping your identity safe means staying aware of changes in the credit card and financial industry, and protecting yourself from credit card fraud. While we don’t know where the future will take credit cards, we’ll help keep you updated here on the AllClear ID blog.
June 20th, 2013
Jackie here. I’m certainly looking forward to traveling this summer; I plan on seeing lots of exciting new places and hopefully keeping my identity safe and sound at home where it belongs. One tool that may help keep some travelers safe on the road is a new type of RFID-blocking luggage designed to shield smartphones, tablets, and RFID chipped credit cards from wireless attacks on your identity. Check out this article for more information.
What Are Wireless Attacks?
Even if id thieves don’t have access to your actual credit cards, they may be able to get information off of them. If your cards are embedded with an RFID chip (currently few cards in the U. S. use this technology, but it is gaining in popularity) thieves can use a special device to siphon information such as the credit card number and security code remotely. RFID technology isn’t just limited to credit cards though; passports are another potential target. Wireless signals transmitted from smartphones and other devices, while not RIFD enabled, are also vulnerable to wireless attacks.
Blocking the Signal
Since thieves can access this sensitive information without ever having to physically touch your card, passport, or wireless device, keeping your information safe can be difficult. New technology in the luggage industry seeks to combat this problem by creating special RFID-blocking pockets that can keep your personal information shielded from thieves. The pockets block transmission of electromagnetic signals, making it impossible for thieves to gain access to credit card information, even if your card uses an RFID chip. Additionally electronic devices placed in the pockets cannot connect to wireless networks or transmit information while inside the luggage.
Other Tips for Keeping Safe
While the new luggage options may be a wise choice for some travelers, there are a few steps you can take while you travel to keep you identity safe without having to go out and buy a new suitcase. Here are a few tips for protecting your identity on the go:
• Turn Off Your Device- While RFID blocking pouches can keep small electronics from accessing wireless networks, turning off your device can be equally effective. If you’re worried about someone accessing your device remotely, you can turn it off and remove the battery before you travel.
• Don’t Automatically Connect- Another important security setting on wireless devices involves ensuring that you don’t automatically connect to unknown networks. Turn the Wi-Fi settings for automatic connection off and instead manually connect to networks you trust only.
• Don’t Store Passwords on Your Phone- Storing a password on your phone is easy, but poses a big risk to your identity. Manually input passwords for things like social networking sites, online banking, etc. each and every time rather than saving the information to your phone.
May your summer travels be filled with fun and free from identity theft!
October 11th, 2012
Matt here, with the AllClear Investigation team. Most people are well aware of the variety of phishing scams out there. “Phishing” is attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication or over the phone.
A popular financial institution being used for a recent scam is Citibank. There are many reports already out regarding hoards of phishing emails supposedly from Citibank, which supplement the large number of customers who have reported these to us. These emails claim that, due to multiple failed login attempts, the account holder must confirm account information or the account will be suspended indefinitely. The unsuspecting Citibank customer will then click on the link provided which routes them to a website that the scammers have created. This website looks like the legitimate Citibank website and asks for personal information which can then be harvested by the scammers and used for credit card fraud and identity theft.
A brand new scam that we’ve found with our customers involves phishing phone calls has now been popping up. The victim will receive several phone calls pretending to be from Citibank. They will leave a voicemail asking for a call back to discuss “your Citibank account”. These phone calls will be sent out by the thousands, and at least a few of them will reach actual Citibank customers. When the victim calls back the number provided, they hear a recording that sounds identical to the recording you would hear when you call the real Citibank. It will say “Thank you for calling Citi cards, servicing Citi and AT&T Universal card accounts. For assistance in English press one.” “This call may be monitored and recorded for quality assurance. “ It will then ask you “to expedite the handling of your call by typing in your 16 digit account number”. Once you have typed it in, the phone disconnects. Now the scammers have taken your credit card information and soon after will be maxing out your account.
To protect against either of these types of scams, just always remember that legitimate companies do not do business this way. If you ever receive an email or phone call saying that there is a problem with one of your accounts, do not follow the steps that you are instructed to follow. Instead, call the phone number listed on the back of your credit or debit card. The customer service representative on the other end will be able to tell you if there is actually a problem with your account.
October 10th, 2012
Tamara here with the AllClear Investigators. It’s hard to find anyone nowadays that has not had fraudulent charges on their credit or debit card. It can happen a number of ways, whether the card was skimmed, the number compromised in a breach, physically stolen, provided to a scam artist, or obtained online as a result of malicious software. Per the Federal Trade Commission and the Consumer Sentinel Network Report, 8.1% of complaints filed involved existing account fraud at banks and for credit cards in 2011. Though that is a 1.4% decline from the previous year, it is still an issue which needs to be addressed.
One route card issuers are taking to help combat this type of theft is the implementation of EMV chip cards. EMV stands for Europay, MasterCard, and Visa. An EMV card would help ensure secure transactions with dynamic authentication and chip technology. Let’s take a look at these.
Dynamic authentication uses cryptography (or other means) to create a one-time use authenticator, which changes with each transaction. Essentially, a different seal for each charge is created and verified. This is helpful in reducing fraud by limiting a thief’s ability to duplicate the authenticator.
For chip technology, the card is inserted to an acceptance device and initiates contact and exchanges data with the terminal. Another form of chip card technology is where the card is waved over a reader, communicating via radio frequency. Additionally, the cardholder verification is secured by the chip when the correct PIN (Personal Identification Number) is entered.
The chip itself will help to reduce fraud due to the fact that the information cannot be skimmed. Magnetic strip cards are easily skimmed with the cardholder being unaware, until the victim discovers the fraudulent charges.
That being said, EMV transactions are still vulnerable to “man in the middle” attacks. Put simply, the stolen card is inserted into a “man-in-the-middle” device then used as usual. The criminal can enter any PIN and the device will randomly generate the authentication seal and confirm the PIN, authorizing the transaction. Though the PIN was not correct (they could enter something as simple as 0000), it is reflected on both ends as being so. A larger down side of this is, because records will show a “correct” PIN was entered, it can make it difficult to dispute the charges.
Though cards have been issued worldwide – over 750 million – they are slowly migrating to the United States. Be sure to inquire about EMV technology and whether or not your financial institution is planning on implementing this new technology.
Note: For clarity edits were made on 11/5/2012 to the following parts of this blog post:
- Sentence: This is helpful to reduce fraud due to the reduction of duplicity. Changed to: This is helpful in reducing fraud by limiting a thief’s ability to duplicate the authenticator.
- Sentence: For chip technology, the card is inserted to an acceptance device and imitates contact and exchanges data with the terminal. Changed to: For chip technology, the card is inserted to an acceptance device and initiates contact and exchanges data with the terminal.
September 5th, 2012
Aaron here, with the AllClear Investigation team. Credit is one of the first places identity theft is discovered, so knowing the status of your credit is an important step when thinking about applying for a credit card. As easy as it is to apply, we recommend you not jump straight into the credit application process before reviewing your credit and taking care of any problems you may find. This is important as every time you apply for a credit card the creditor does a “hard inquiry” on your credit report. Each time this is done, your credit score is lowered temporarily, so the best option you have is not to apply unless you are confident you will be approved. The standard hit to your credit score per inquiry is approximately 5 points, lasting for 6 months from the date of the inquiry.
Bad credit history – even as the result of identity theft – could make you ineligible for the credit cards that offer lower interest rates, higher limits, cash back offers, and other good benefits. A lot goes on behind the scenes when you apply for a credit card, so review my recommendations below before applying for a credit card.
Know your Credit Score: Checking your credit score does cause an inquiry however it is what is called a “soft inquiry” which does not affect your credit score. Your credit score can range from 300-850 and is a result of your reported credit history. The lower your score, the higher the risk for creditors to decline you or may result in approval but with much less favorable terms. As for your credit history itself, there are three major credit bureaus to which is reported – Trans Union, Experian, and Equifax – who each hold an individual credit score based on five factors:
- 35 percent – Payment History
- 30 percent – Amounts Owed
- 15 percent – Length of Credit History
- 10 percent – New Credit
- 10 percent- Types of Credit Used
Each bureau usually has slightly different scores then one another, because each bureau may show slightly different information depending on the reporting practices of each creditor.
Pull Your Credit Report: Your credit report stores the information used to compute your credit score. Every consumer is entitled to one free credit report per bureau, per year. We suggest using only www.annualcreditreport.com to request your free annual credit report as there are no hidden fees – you only incur a cost if you want your credit score with it or have pulled the report in the past 12 months. We also recommend pulling 1 of your free reports every 4 months instead of pulling all 3 at the same time so you can review them for free throughout the year.
Clean Up Any Issues: If inaccuracies are found on any of your credit reports, you have the right to dispute it and each bureau has 30 days to respond. If the dispute is resolved in your favor, the information will be removed/updated on your credit report which can also result in an increase in your credit score. You also have the right to add a short statement to your credit report (100 words or less) where you can explain any issues that may be contributing to your credit history.
Apply: Once you’re ready, know that a credit score of 650 and above will likely qualify you for credit cards that have lower interest rates and extensive benefits including cash back. Shop around for the best card offer, including interest rate and perks, and once approved, use it wisely!
August 8th, 2012
Jackie here, with AllClear ID. Did you know that it may be possible to pay for items using your mobile phones? Mobile payment are becoming increasingly popular and their prevalence is only expected to increase in the coming months and years.
There are several different types of mobile payment options available, each with their own identity theft risks. Let’s take a look at a few:
Mobile Phones with RFID or NFC Technology- Today’s phones can easily be equipped with a chip that can wirelessly transmit your credit card number to a retailer – if they have the right technology. Currently, only about 10% of retailers are making use of this technology, but as prices come down, this could become more common. There are concerns that this type of payment method may not be secure, but manufacturers of this technology believe it may be more secure than credit cards since phones can be shut down remotely if they are stolen. More info on this topic available on USAToday.
Adding Charges to Phone Bills- Another method for making mobile payments involves adding charges directly to a phone bill. You may have seen this in action when buying a ringtone or game through your phone. The charges are automatically added to your bill and you pay directly to your phone provider when your bill comes due. One identity theft concern with this practice is known as “cramming”. It isn’t anything new, but has become a cause for concern again in recent months.
“Cramming” is the practice of adding fraudulent charges to your phone bill. These charges are often small to avoid detection and may look like they belong on your bill. The best way to combat them is to pay attention. Watch for suspicious charges on your phone bill and report them to your phone company should any occur. Some phone providers allow you to opt-out of third party charges so these will never appear on your phone bill. Learn more about this practice on the US Department of Justice Blog.
Other Mobile Payment Options- Other mobile payment options are becoming increasingly available. Phones may be able to store copies of credit information and credit card scanners are available for smart phones. Companies like PayPal are also getting on the game offering consumers the option to pay using their accounts at checkout at brick-and-mortar retailers. We will probably see many new payment methods available in the next few years.
The best way to keep on top of the new options available is to pay attention. Examine your credit card statements carefully. Don’t forget to check your phone bill for suspicious charges. Being aware is one of the best ways to prevent id theft and catch it early on if there is a problem.
August 3rd, 2012
Jackie here, with AllClear ID. We often talk about phishing and email scams here on the blog, but phishing isn’t just something to be on the lookout for when you check your email. Id thieves use phishing tactics to solicit personal information in other places across the web as well. Always be cautious when sharing personal information and pay special attention when visiting banking and financial institution websites.
Check out this warning we found on Chase’s website about viruses and malware that can solicit your personal information. Basically, your computer is infected by a virus when you visit an infected website or open an infected email. This virus doesn’t do anything right away; it lays dormant on your computer waiting for you to visit a targeted site, such as Chase. It then creates a pop-up window asking for personal information like your account number or Social Security number. This pop-up isn’t generated by the site you are visiting. Instead, it is a tactic used by identity thieves to get your personal information.
If you see a pop-up like this, don’t fill it out. Report the problem to your bank and get your computer checked out. You may need to update your anti-virus software or you may have contracted a virus that your software doesn’t recognize.
Banks don’t typically ask for personal information like Social Security numbers or account numbers when you are logged into your accounts. On their website Chase says, “We don’t ask you for personal information such as PINs or complete account numbers when you are logged in or through e-mail. We may ask for a mother’s maiden name or a Social Security number on an application that you initiated, but it is not our practice to ask you for personal information in this way or through an e-mail.”
If you are in doubt about whether or not your bank is requesting personal information, give them a call and ask. Use a known phone number to contact them. It is always better to be a little too cautious than to inadvertently share your personal information with an identity thief. If you have shared personal information or filled out a form like this, contact your bank immediately.
Keeping up to date on your antivirus software and using caution whenever you share personal information online will help protect you from id theft. To learn more about id theft and the banking industry, head on over to the FDIC’s identity theft information site.
July 2nd, 2012
George here, AllClear ID Investigator. Consumers in debt often ask if they could go jail due to not paying collection agencies attempting to collect on past due accounts. The U.S abolished debtor’s prisons around 1850’s but the answer is, technically, yes and no. Debt collectors commonly use publicly funded courts, sheriff’s deputies, and country jails to pressure people to pay. They’re technically not arresting for nonpayment, but for failing to respond to court hearings, pay legal fines, or otherwise showing contempt of court in connection with a creditor lawsuit.
You can go to jail only if the credit card company can prove in a court that you intentionally set out to defraud the credit card company. Opening a credit card, maxing it out and never making a payment is usually considered fraud. The fact that you did make payments at one time works in your favor.
Ignoring a court order is what can land you in jail. When a creditor sues you, the court will order that you pay the bill in installments. The judges recognize that you probably don’t have the money to pay it all at once. Most court rulings do carry interest at various rates set by rule or statute. If you don’t pay the installments, the court won’t order you to jail, but it will give the creditor some power to pursue your assets. This can come in various forms such as a lien on your home, a pay garnishment, an attachment of your bank account or some other seizure of your property. If you have nothing to seize, there is still no jail time. A creditor who has a judgment against you can subpoena you to an examination to see what they can recover from you. Ignore that subpoena and you are in contempt of court. If you have filed for bankruptcy, the Federal Bankruptcy system preempts the state court system and you’ve avoided going to jail.
A 2010 report by the American Civil Liberties Union that focused on only five states – Georgia, Louisiana, Michigan, Ohio, and Washington – found that people were being jailed at increasingly alarming rates over legal debts. That loophole has lawmakers in the Illinois House of Representatives concerned enough to pass a bill in March that would make it illegal to send residents of the state to jail if they can’t pay a debt.
According to a report by the New York University’s Brennan Center for Justice, some states also apply late fees, payment plan fees, and interest when people are unable to pay all their debts at once, also known as poverty penalties. Alabama charges a 30 percent collection fee while Florida allows private debt collectors to add a 40 percent surcharge on the original debt. Some Florida counties also use so-called collection courts, where debtors can be jailed but have no right to a public defender.
If you are summoned to court regarding a collection, don’t ignore it. As long as you show up or respond to the claim, even if you cannot pay the collection agency, you can’t be arrested for the past due debt.
May 25th, 2012
Jackie here, with AllClear ID. We talked a lot about id theft and taxes at the beginning of this year. Tax related identity theft is a growing problem. According to a recent Treasury audit, it affected 641,052 taxpayers in 2011. One of the biggest problems with this type of id theft for law enforcement is being able to easily access the needed records to move forward with an investigation. A new pilot program launched by the IRS may make it easier for law enforcement to find and prosecute perpetrators of tax related id theft.
The IRS pilot program is currently available only to law enforcement officials in the State of Florida. This program will allow local and state law enforcement to have access to fraudulently filed federal tax returns. In order to access the return law enforcement will need to provide a consent form signed by the id theft victim. Upon supplying the signed form, law enforcement officials can request copies of tax returns filed using the id theft victim’s Social Security Number.
ID theft victims will not have access to the fraudulent tax documentation filed using their social security number. The tax return copies are only available to law enforcement. The IRS will continue to work with id theft victims to resolve the issues involving their tax accounts.
The IRS will determine how this program should proceed depending on the results of this initial trial in Florida. If this program works it could make it easier to find and prosecute tax related id theft cases.
May 20th, 2012
Allison here, with AllClear ID. HDTV scams are nothing new. However, there’s a new twist to this scam that involves the online sale of these products from unauthorized sellers. If you’re planning on purchasing an HDTV online, then pay attention. Making such a purchase online isn’t bad, but steps need to be taken to ensure that you aren’t buying from an unauthorized dealer.
- The scam from these unauthorized sellers involves bait-and-switching and aggressive up selling. Here’s what they do: they advertise that they have the HDTV in stock and are selling it for a below-market price, and can ship it to you for free. If you take the bait and place an order, you receive a call the next day confirming the order. Once the salesperson gives you the call, the person starts to aggressively up sell a series of add-ons, including a “3-D” HDMI cable (which isn’t real) for a 3-D TV, a custom stand or wall mount, an extended warranty and/or an “expedited” extra-cost freight.
- If you buy enough add-ons, you’ll get the TV as promised, but it’s likely to be one that is refurbished, scratched, or defective. It won’t be a brand new set. You’ll also find that the add-ons aren’t brand name or high-quality product, but knock offs. If you don’t buy any add-ons, then you might wait weeks for that TV, if you receive it at all. Since these are scammers, it’s also highly unlikely you’ll be able to return the TV or to receive a full refund. What makes the HDTV scam interesting is that for the most part, people are getting the product. Typically with scams, the scammers take the money and run. However, the HDTV scammers are getting away with it by figuratively tying the customers hands behind their back.
There are two ways to check to see if the dealer you are considering is authorized to sell those specific TV brands. First, call the manufacturer of the TV model you are considering (LG, Samsung, Sharp etc.) and ask if the dealer is authorized by them. You could also check the manufacturer’s website for that information. If they aren’t listed, or the customer service department says ‘no’, then don’t purchase from them. Second, take a look at the dealer’s product return policies. Scammers will never accept a return on the TV, or they may charge a restocking fee, deduct the “free” outbound freight from the refund, or all of the above for you to return the TV.
Not all online dealers of HDTVs are bad or unauthorized: big box retailers and Amazon Direct are both just fine. It’s simply a matter of exercising some due diligence and making sure the dealer is doing the right thing with their customers.
May 17th, 2012
Kim here, from the AllClear ID Team. Last year, AllClear ID announced a new effort to warn customers when their personal information had been found online by cyber intelligence organizations. The Victim’s Assistance Program (VAP) is a partnership between AllClear ID, the Identity Theft Resource Center (ITRC) and the National Cyber-Forensics & Training Alliance (NCFTA). It was formed to alert consumers when their personal information is reported compromised or stolen. These pirate sites that the VAP alerts customers of are exactly what blast customer’s personal data across the Internet.
About two years ago Jane received a letter in the mail referencing a credit account that she had allegedly tried to open at American Eagle Outfitters. The account was not opened and Jane assumed she had received the notice in error. Now, in hind sight, she realizes it was a warning of things to come.
Jane and her husband, a retired NYPD officer, discovered her name, DOB, address, phone number, Social Security Number and credit card information were appearing on websites all over the internet. A man she didn’t know came across her information and gave her a call. Jane was shocked, “I never would have guessed my personal information was online. I am very aware of credit card skimmers and other types of scams but this was a surprise.” His name was Thomas and he gave her web addresses so she could see for herself.
While she may never know how her information turned up online, the fallout has been unrelenting. “I get calls from bill collectors starting at 5:00 a.m. and 6-7 letters in the mail each week.” Jane says it is incredibly stressful but she chose not to put a freeze on her credit file. “I have a fraud alert set but sometimes the creditors are in such a hurry to issue new credit and they don’t check.” While many attempts are denied, this past holiday season thieves were able to open accounts at Best Buy, Apple and Midnight Express, charging just over $4,000.00.
This past tax season, someone even tried to call the IRS and have her refund redirected to them. “Now”, Jane says in frustration, “I cannot e-file and I will have to use an ID PIN each time I submit my taxes.” It is just one of many adjustments she is making while her information still can be found online.
Since becoming an AllClear ID customer, Jane receives alerts when there is new activity on her credit file and her Investigator, George, is able to work with her to repair the damage and restore her credit. They are currently working to get a court order to force Google and other web search engines to remove her information. Until that time, Jane is on a campaign lobbying law enforcement and politicians to go after those who traffic-in stolen information and to get the data collectors to purge the information from the Internet. Until then, George and AllClear ID will be there to help.
May 4th, 2012
Jackie here, with AllClear ID. “Will that be debit or credit?” Many people assume that their answer to this question only affects the card they pull out of their wallet, but they are wrong. When it comes to identity theft you have very different protections depending on the type of card you use.
A debit card is one issued by your bank that is tied directly to your checking account. It is the card you use at the ATM and at retailers when you want money to come directly out of your bank account. When using a debit card you have two options: enter a PIN or run the card as credit and sign. Both are considered debit transactions and offer the same basic protections in cases of identity theft or fraud. Here’s how you’re legally protected if your debit card is misused:
Debit Purchases/Withdrawals made with your physical card:
- Unauthorized transactions reported within 2 business days have $50 consumer liability
- Unauthorized transactions reported between 3-60 days have $500 consumer liability
- Unauthorized transactions reported over 60 days no protection
Purchases/Withdrawals made with debit card number only
- $0 consumer liability for all purchases reported within 60 days
- Consumer is responsible for all charges reported after 60 days
Debit transactions come straight out of your bank account which means that you may be without your funds while the bank investigates any fraudulent charges. The bank is required to provide temporary credit in the amount of the disputed charges after 10 days while they examine your claim.
Credit cards are a line of credit extended by a company to consumers. These cards will typically issue a monthly bill for any charges rather than deducting the money directly out of your bank account. Some of the top credit card companies include Visa, Mastercard, American Express and Discover. Here’s how you’re legally protected if your credit card is misused:
Credit Purchases made with your physical card
- $50 consumer fraud liability (most companies will waive this fee)
- If you report missing cards before charge is made, there is $0 consumer liability
Purchases made with credit card number only
- $0 consumer liability
Consumers also have additional protections when using credit cards through the Fair Credit Billing Act. This law protects consumers from poorly made or damaged merchandise that was purchased with a credit card. You may also have coverage for items purchased but not received. This protection is available after efforts have been made to resolve the problem with the merchant and specific requirements will need to be met.
For more information on avoiding credit card fraud read the FTC’s Consumer Fact Sheet: Avoiding Credit and Charge Card Fraud.
The next time you head out for a shopping trip make sure you know what protections you have available should you become a victim of identity theft or notice fraudulent charges on your card statement.
March 30th, 2012
Bo here from AllClear ID. In light of the recent security incident at a large payment processor for several major credit card brands, here are our best tips to protect your credit card.
- Check your statements frequently. Luckily,for credit cards after fraud has occurred, there is no time limit to report fraud. Your maximum liability will remain $50, or $0 if the fraud involves your credit card number, but not the card itself. Check the FTC website for more details.
- Set up transaction alerts. Almost all banks offer the ability to receive customized email or text message notifications for a number of things including when:
- Your credit card account exceeds an activity limit that you choose.
- Your available credit card balance drops below a certain amount.
- A purchase is made over a limit that you chose.
- Download the free AllClear ID iPhone App: Our Fraud Detection alerts you when your personal information is reported stolen including credit card numbers. Download it today, and share it with your friends and family so they can also sign up to receive alerts.
We recommend receiving an alert any time a purchase is made on your account. To sign yourself up for alerts, sign into your account online and look for an “alerts” link or page. The location varies depending on the company, but here are the information pages for some of the major banks and credit card companies.
December 12th, 2011
Vanessa here from AllClear ID. If you use one of Bank of America’s credit cards, you can feel a little safer: the bank scored the highest in an annual tally of card issuers’ efforts in identity theft protection.
In Javelin Strategy and Research’s seventh annual Card Issuer’s Safety Scorecard, Bank of America scored tops in all three categories — prevention, detection and resolution — to finish its fifth straight year as the best in class. On a 100-point scorecard, Bank of America earned 87 points. The Discover Financial Services was second with 74 points. Next came U.S. Bank with 73 points, USAA with 69, and Capital One with 68.
Phil Blank and Jessica Chu, the Javelin team that created the report, found that card issuers are getting more serious about communicating with customers about identity theft protection. One in four issuers offer two-way actionable alerts to their customers, while nearly three in four offer alerts to mobile devices
Here are five tips gleaned from the Javelin study to consider when choosing a new credit card.
- Help prevent cyber crime by choosing a card issuer that has a strong relationship with a security-prevention group. You want to get the best anti-virus protection out there, and it’s generally cheaper for the card issuer to get it in bulk and either give or sell it to you than for you to buy it on your own.
- Look for card issuers that give you the means and the knowledge to avoid identity theft. Offering tips for safe online and off-line purchases are great, but go to issuers that have extra layers of protection, such as a new data-security technology called “tokenization” that is used for online purchases. It intercepts the information on your card when you charge and replaces it with randomly-generated proxy numbers. That makes it nearly impossible for hackers to reassemble it through decryption or reverse engineering.
- Find issuers that allow you to validate transactions that exceed certain limits you define, and contact you with say, real-time alerts to you cell phone. Javelin’s Blank prefers the review-and-release approach in which you have to OK the purchase before it’s validated, versus the review-and-respond method in which the purchase already has been charged.
- If possible, get an EMV chip card. It’s a contactless credit-card technology that relies on an embedded chip rather than a magnet strip. Currently, EMV cards are ubiquitous in most other countries except the U.S. In fact, it’s getting increasingly difficult to use magnet-strip cards abroad. But U.S. Bank, Wells Fargo and JPMorganChase are testing their own versions of the cards, and Visa is pushing to get them widespread in the U.S.
December 7th, 2011
Vanessa here from AllClear ID. Dining out at a top restaurant in New York City should be a memorable experience. But for some people, it was memorable for the wrong reason – their credit cards were used by the waiters serving them to buy big-ticket items and sell them for cash.
A sophisticated identity-theft ring recruited waiters at high-end New York steakhouses like Smith & Wollensky’s and Wolfgang’s Steakhouse to steal diners’ credit-card information, then used it for luxury shopping sprees, authorities said Friday. Some 28 people were indicted in New York City on November 18 on charges of racketeering, conspiracy and grand larceny.
The group had seven waiters use “skimmers” to copy at least 50 diners’ American Express card data while running their tabs. The ring made up counterfeit credit cards, then went out to buy big-ticket items, including Rolex watches, Chanel handbags, Jimmy Choo shoes and vintage wine. They did this nationwide, from Boston to Los Angeles. The scope of the crime could range into the millions of dollars.
Because the waiters targeted only high- or no-limit cards, the customers were most likely accustomed to high credit-card bills and would not have noticed suspicious activity unless they were alerted by their card companies. But outside of making sure your card doesn’t have an exorbitant spending limit, how can you make sure you’re not the victim of a similar scam?
Some tips from the Federal Trade Commission include:
- Keep an eye on your card during any transaction, and get it back as quickly as possible.
- Save your receipts to compare with your bill.
- Open bills promptly (or regularly monitor your accounts online) and reconcile your credit card accounts monthly.
- Report questionable charges promptly — in writing — to the card issuer.
Another good idea: Set up mobile alerts for your phone so you can be aware of unusual activity as quickly as possible.
August 11th, 2011
Vanessa here from AllClear ID. We’ve covered a lot of information about credit card fraud in past “Fact or Fiction” posts, but there’s so much involved in preventing it from happening to you that we had to add one more to the list. Below, test your knowledge about the best ways to communicate with your credit and debit card issuers.
Fact or Fiction? It’s never a good idea to communicate with your card issuer through e-mail.
FACT: Banks or credit card companies will never ask for personal information in this way. Thhis is due in great part to “phishing,” the scam thieves use to send massive numbers of phony emails to consumers, pretending that the messages come from their bank, in an effort to get an unsuspecting person to reveal personal information, like bank account numbers. So don’t respond to emails — or even phone calls — asking you to provide your credit card numbers, Social Security number or your mother’s maiden name.
Even when you have a legitimate request, banks ask that you never send detailed account information in an email, because they are not secure and the information may be intercepted by criminals. Instead, visit in person, use the bank’s secure website, call your bank on the phone, or write a letter when you are attempting to settle a dispute with a merchant or your bank.
Fact or Fiction? Don’t tell your card company in advance if you’re about to make out-of-the ordinary purchases.
FICTION: Actually, it’s a good idea to notify your credit card company if you are going to be traveling and plan to use your card on your trip. This may prevent your account from being flagged — some card issuers automatically block accounts if they see cards being used in new places.
And if you are going to make any unusually large purchases, notify your card company so that your account is not flagged for possible fraud. For instance, if you are renovating your home and plan to purchase materials, fixtures or appliances, let your issuer know in advance. Your card may be blocked or suspended until you call the company back. This is done to protect you and the card issuer.
Fact or Fiction? There’s a limit on how long you can contact your card issuer about fraudulent charges.
BOTH: This depends on whether you’re reporting credit or debit card fraud.
For credit cards, federal law you are not liable for a penny if you report the card as lost or stolen before fraud occurs, so the best thing to do is report your card missing as soon as possible. However, after fraud has occurred, there is no time limit to report fraud. Your maximum liability will remain $50, or $0 if the fraud involves your credit card number, but not the card itself.
For debit cards, the issue gets a bit complicated. Legally, “your liability under federal law for unauthorized use of your ATM or debit card depends on how quickly you report the loss.”
- If you report an ATM or debit card missing before it’s used without your permission, the EFTA says the card issuer cannot hold you responsible for any unauthorized transfers.
- If you report the loss within two business days after you realize your card is missing, you will not be responsible for more than $50 for unauthorized use.
- If you don’t report the loss within two business days after you discover the loss, you could lose up to $500 because of an unauthorized transfer.
- If you fail to report an unauthorized transfer within 60 days after your bank statement containing unauthorized use is mailed, you also risk unlimited loss. That means you could lose all the money in your bank account and the unused portion of your line of credit established for overdrafts.
- For unauthorized transfers involving only your debit card number (not the loss of the card), you are liable only for transfers that occur after 60 days following the mailing of your bank statement containing the unauthorized use and before you report the loss.
These figures represent your maximum liability. Company policies vary widely, so do your research. Whatever the case, it’s best to contact your card issuer as soon as you notice a problem. Once you report credit card fraud to your issuer, you will be sent a fraud affidavit for you to fill out, sign and return – which you should do promptly.
July 21st, 2011
Fact or Fiction? Card “skimming” doesn’t just occur at ATM machines.
FACT: Skimming, the method by which thieves steal information on your credit and debit cards, actually occurs frequently at retail outlets, particular bars, restaurants, and even the gas station down the road from you.
We recently did a post about six ATM scams and how to avoid them, but you also need to take care when you hand your card over to a waiter, bartender or anyone else in a retail store.
Here’s how it works: An employee skims your credit or debit card with a handheld electronic device that scans the data on the card’s magnetic strip. The employee sells that information to other thieves, who make counterfeit cards with that data. Criminals go on a shopping spree with the fake cards, and you’re unaware of the fraud until your card statement arrives, listing all the purchases you didn’t make.
So how to avoid skimming scams?
- Make sure your card always stays within sight. If you can help it, never let anyone leave your presence with your card in hand. If you’re in a store and the clerk says he has to go to another counter to run the card, follow him.
- Use cash instead at brick-and-mortar stores.
- Monitor your card receipts and check them carefully against your statements, even the tiniest amounts. Some thieves take out small amounts in hopes cardholders won’t notice.
If you’ve been skimmed, here’s what you need to do:
- Call the police – being skimmed is just like having your car stolen. Make a police report and hang on to the police report number.
- Contact your bank or credit card issuer immediately. As we discuss in Part 2: Fraud or Fiction, you could be liable for some or all of the unauthorized charges if you don’t report them quickly.
July 19th, 2011
Vanessa here, with AllClear ID. “Smart Cards,” credit cards embedded with RFID chips, are getting more attention as more banks issue them to their customers.
What is RFID – and why is it in my credit card? An RFID (radio-frequency identification) credit card has a radio frequency microprocessor inside it that contains your card information. When you check out at the register, you wave your smart card within a few inches of an RFID-enabled terminal. The terminal reads your data, transmitted via radio waves, and completes your purchase. This is the technology used at unmanned tollbooths that let you drive right through.
But unbeknownst to you, you may have one of these cards without even knowing it. RFID cards look like your standard credit card, and some even have the magnetic stripe on the back of the card so that you can also swipe it to pay.
Do RFID credit cards put you at risk for identity theft or fraud? Bo Holland, Debix founder and CEO, says yes. In a recent television interview, he said having a smart card on you turns you into a walking radio station. Because it’s broadcasting frequency or your information all the time, even while you’re walking down the street, thieves can steal your information. “With 100 dollars worth of equipment and a little bit of knowledge that you can get off of the Internet, you can actually read these cards,” said Holland.
But even if someone can steal your credit card account number, can they use the information to buy purchases or steal your identity? The Identity Theft Resource Center (ITRC), which tracks card fraud issues, recently issued a statement about the safety of RFID credit cards, saying it “believes in both the technology and the companies that are using it” keeps a watchful eye on these things. They also note that “…it is apparent so far that although scanning the card can be done, getting all the necessary information useful to commit fraud is probably not easy.”
Still, if you’re concerned, there are some easy steps you can take to “lower the frequency” on your RFID cards and keep your data more secure:
- Leave your RFID credit card at home, and use it only for online purchases. Pay for brick-and-mortar purchases with cash or regular credit cards.
- Wrap your RFID card in aluminum foil before putting it in your wallet – this simple technique apparently blocks the chip’s radio frequency from transmitting.
- Consider buying a “credit card shield” for more protection. There are a number of companies that make card shields and wallets made out of aluminum or stainless steel to block’ RFID-reading scanners.
- Take notice if someone gets way too close to you on a busy street or in a crowded mall – they might be wielding a scanner.
- Monitor your credit card statements regularly for errors or odd charges.
July 7th, 2011
Fact or Fiction? Writing “Check ID” on your credit card is an effective way to deter identity theft.
As many people do (and even we’ve suggested in the past) writing “check ID” on the signature line of your cards to deter thieves from using them is a relatively common practice. But one of our readers wrote in to say he was surprised by this advice.
From our reader: “In the first place, cards are not considered valid until they are signed. Merchants, unfortunately, rarely even look at the back of the card, but if they did, they would be correct to refuse to process the transaction until you sign the card. If someone was using a stolen card with ‘Check ID’ on it, it would actually be easier for them to get away with it. Signing the card, however, gives the merchant a way of comparing the real signature with the person using the card. If I was a criminal in possession of an unsigned card with Check ID written on the signature panel, I would create a fake ID with that name. Then, if I’m asked to sign the card by a clerk who knows the rules, the signature will match the ID, since they will both be mine! I don’t disagree that adding ‘Check ID’ is valuable, but perhaps it should be added AFTER the original signature of the rightful owner. That way, the card is valid, the real signature is available for comparison, and the clerk is encouraged to check ID as well.”
So…is he right?
FACT: Yes, he’s correct. Writing “Check ID” is against the rules that both Visa and MasterCard sets for its merchants. Technically, a card is not valid unless signed by the authorized cardholder. And therefore, the merchant should not complete the transaction. The merchant can only complete the transaction on an unsigned card if you sign the card in front of the employee and then show valid ID proving you are who you say you are.
Another bad idea for sticking with the “Check ID” method: If you want to charge something and don’t happen to have ID with you, you’re out of luck. And, just like our reader above mentions, crooks who get their hands on your signature-free card could just sign it in front of a clerk, thereby making the card appear valid — while also ensuring that the signature on the card will now match their own on the receipt.
So take our reader’s advice: Sign the card AND write “Check ID” on the signature panel. It provides you with a double dose of protection against card fraud.