With the global costs of card fraud reaching tens of billions of dollars per year, protecting your credit card data is more important than ever. Although no solution is foolproof, technology can help keep your personal data from getting into the wrong hands. The more hurdles you create between fraudsters and your funds, the better. Here are three big steps you can take.
1. Use cards with EMV
EMV chip technology, now the standard in Europe and many other parts of the world, is expanding widely in the United States. But many consumers aren’t aware of the benefits of EMV. NerdWallet’s inaugural study on consumer credit experience found that 25% of people in the U.S. think cards with EMV chips are equally secure or less secure than traditional magnetic stripe cards, while 34% weren’t sure which was more secure. But EMV chips do completely eliminate certain types of fraud, making them a clear winner over magnetic stripe alternatives.
Not all issuers currently offer cards with chips, but the security benefits might make it worth signing up with one that does.
“Tokenizing card data so merchants can no longer see the 16-digit [primary account number] drastically increases the safety of member information, since tokens can’t be tied back to the account number, rendering them useless if compromised at merchants,” says Matthew Freeman, credit card products manager at Navy Federal Credit Union.
When you swipe a traditional magnetic stripe card, by contrast, the information is the same with each transaction. Data thieves who gain access to that information can create a duplicate of your card and use it just about anywhere, a process known as counterfeit fraud.
“The migration of U.S. issuers to chip cards will ultimately help mitigate counterfeit fraud,” Freeman says. “Counterfeit fraud is the largest type of fraud impacting U.S. card payments, so switching to chip cards will certainly help the situation.”
Even though EMV significantly bolsters security for in-person transactions, be aware that the technology delivers no additional benefits for transactions online or by phone, known as “card-not-present” transactions. So if you’re paying in those ways, your information is still at risk.
Most EMV cards also have magnetic stripes, and swiping an EMV-chip card will not provide any additional protection. For cardholders to reap all the protections of an EMV card, they must transact directly through an EMV terminal. Some terminals can handle both swiped and EMV transactions; if given a choice between the two, use EMV.
Merchants won’t technically be required to adopt EMV systems into their point-of-sale terminals, but not doing so means they’ll be taking on liability for counterfeit transactions.
2. Pay with your phone
Phone-based payment services such as Apple Pay and Android Pay make paying at stores a lot easier, but they also make it safer. Most mobile payment services take advantage of the same tokenization technology used in EMV cards, so the information used for transactions changes every time. Plus, the phone itself adds another layer of security.
Just as with a magnetic stripe card, if you lose an EMV-chip card, it is still possible for a criminal to use it fraudulently if the cashier fails to confirm your identity with a photo ID. But if you lose a mobile device with payment capabilities, a thief would need to know your device’s password to complete a transaction. Some payment services (Apple Pay, for example) can even require a fingerprint scan to finalize payment.
3. Get a smart card
Still a fairly new concept in payment technology, smart cards essentially pool all of your cards (credit, debit, membership, gift) into one. These devices are similar in form and function to a standard credit card. They rely on small, battery-operated computers under the surface to work.
Coin, one of several smart cards on the market, allows users to store and pay with up to eight cards. When Coin users are ready to transact, they toggle to their card of choice and swipe it as they would a normal magnetic stripe credit card.
What makes this technology more secure than a typical credit card is that Coin locks after every use, requiring a password to activate payment. So if your card is lost or stolen, you won’t have to worry about anyone using it to make fraudulent purchases. Coin also recently rolled out a device that adds tokenization security.