Keeping Your Credit Cards Secure

Brendan Harkness

Brendan Harkness

Updated Jun 12, 2018

Which Credit Card Is the Most Secure?

Overall, no credit card is appreciatively better than any other, including the European versions. Nothing can substitute for user caution, vigilance and frequent online account self-monitoring. The struggle to keep villains at bay continues with improvements in plastic chemistry and molding technology, and in digital advances in magnetic strip technology to make duplication harder.

Some companies add an intricate, hard to duplicate, hologram to the face of the card, thus further strengthening security. Future cards will carry sophisticated computer chips capable of hosting applications connected with frequent flyer programs, merchant loyalty programs, hotel preferences and partnerships with mass transit systems in cities worldwide.

If you have a credit or debit card in your wallet, don’t take its value for granted. Protect it. Treat it like the confidential identity document that it is. Here, we’re not talking about financial mistakes – falling into debt or making late payments. While we strongly encourage you to manage your finances responsibly, this section is about mistakes people make – literally – with their cards and card numbers.

Tips for Staying Safe

Staying Secure Online

The rise of online shopping and banking has made it easier for our personal financial information to fall into the wrong hands if we’re not careful. To protect yourself, be sure to clear your login name, account number and password after every transaction, particularly if you are using a computer that others can access.

It’s also a good idea to change your login names and passwords regularly—at least monthly. Phishing schemes are those emails and other messages that look like they come from your bank, credit card issuer or other reputable source but, in fact, come from criminals trying to convince you to provide personal information.

Always be sure that you know who you’re communicating with, and, if you ever have any doubts, call the company at their published phone number. Here are some more tips for preventing fraud when shopping and banking online:

Use a Credit Card, Not a Debit Card

Debit cards simply do not offer the same fraud protections which consumers are afforded with traditional credit cards.  If any fraudulent charges do occur, you should ask yourself if you would prefer for it to be your personal money on the line (i.e. your debit card) or the bank’s money on the line (i.e. your credit card).

Sure, most banks will give you back the money lost on any fraudulent debit card transactions within a few days, but missing money from your personal checking account for even a few days can be extremely stressful and unsettling. The Fair Credit Billing Act (credit cards) is much more protective of cardholders than the Electronic Funds Transfer Act (debit cards). Learn more about credit cards vs. debit cards here.

Review All of Your Credit Card Transactions Online

You don’t have to wait until you receive your monthly statement to review your credit card charges. Be proactive and log in to your online credit card account once a week to verify that you recognize all of the charges which have posted.

It is crucial to be aware of small, unrecognized charges as well. An unrecognized charge for $1 may seem insignificant and not even worth the time to call your bank and question. Not so fast. Credit card thieves commonly charge a series of small purchases in order to see if the card is still active and available for use. If a crook determines that your credit card is “live” then you can likely expect some larger fraudulent purchases to follow.

Use the Same Credit Card for All of Your Online Shopping

Another simple way you can protect yourself from credit card fraud is to use the same credit card over and over again for all of your holiday purchases. It is easier to manage and track the charges for one credit card than it is to track multiple charges across multiple cards.

Always Log off after Checking Out

Typically, when you make a purchase from a retailer online you are prompted to log into your account or to create an account with the retailer if you are making a purchase for the first time. After you have selected and paid for your purchases you want to remember to log out as well. Many retailers have a feature which will automatically log you out after a certain period of inactivity. However, it is always best to log out yourself in case the retailer doesn’t have this security measure in place.

At the ATM and Gas Pump

Credit Card Skimmer AnimationCredit card fraudsters use devices called “skimmers” to collect card data at ATM’s as well as automated gas pumps. They fit over the card slot or PIN pad, and look much like the normal machine. Unfortunately, skimmers are very hard to detect. This makes it all the more important to monitor your credit report periodically for suspicious activity. You can learn more about skimmers, and see plenty of examples of how similar they look to the real thing, in this post from Krebs on Security.

Be Careful with Paper

Don’t just throw your bills and other financial paper in the garbage or recycling bin. Shred it completely. This also goes for unsolicited credit card and loan offers you receive in the mail.

Credit Card Mistakes to Avoid

Posting a Photo Online

Don’t post a photo of your credit or debit card online. Period. This photo was posted on a blog post that was quickly deleted when the author realized her mistake. But the image lives on in internet eternity.

Credit Card Number

Some people feel safe when they cover the first eight digits. Others obscure the last eight. In either case, it’s a bad idea.

In this example, we have half the card number, plus the expiration date and the cardholder’s name. All Visa card numbers begin with 4, and the next five digits identify the bank or card issuer. After a little bit of research to find out the numbers that identify this cardholder’s bank, only two unknown digits remain in the entire sixteen-digit account number. An enterprising thief can easily figure out what they are. If you have a legitimate reason for posting a photo of your credit or debit card, obscure all of the numbers or at least the last ten digits, which are the ones unique to your account.

Transmitting the Card Number on an Open Network

Checking your email while sitting at Starbuck’s is fine (although some experts caution against even that), but conducting financial transactions isn’t. Data transmitted on open Wi-Fi networks is vulnerable to all sorts of hacks. Compromised computers might share the network, or the network itself might be infected. Data transmitted on open networks is visible to any computer in range of the network. Hackers can intercept keystrokes or use programs that decipher passwords or steal information. Never enter your credit card number when using public Wi-Fi.

Transmitting the Card Number over the Telephone When People Can Hear

Many legitimate financial transactions are conducted on the telephone, and you may need to give someone your card number verbally one day. Verbal transactions almost always include your full name, your billing address or some portion of it, and the verification number on the back of the card. If you recite that information out loud, anyone in earshot will be able to use your information the next moment. Don’t tell anyone on the phone your card number if someone who should not have access to that information can hear you.

Giving the Card Number to an Unverified Caller

A common scam is for a thief to call and claim to be someone you trust – the police department conducting a fundraiser, the utility company about to shut off your electricity, the administrator of a contest you’ve won – in order to trick you into providing your credit card number. If you didn’t initiate the call and you don’t know the caller personally, don’t give out your card number. Make the call yourself, to a published phone number, not to one that the caller claims is his direct dial number or extension.

Emailing the Card Number

Some email hackers employ search tools that scan for strings of numbers that are likely to be credit card accounts. A small number of consumers claim to eliminate the risk by sending four or more separate emails, each containing a portion of the info, but this solution is cumbersome and by no means guaranteed to work. Any time you write or type your credit card number and give it to someone in an unsecured, unencrypted manner (including on a piece of paper), you increase the chance that the card number will be exposed.

Some businesses do ask to hold your credit card number as a sort of deposit or guarantee, even when they don’t plan to complete a transaction (it’s common on vacation home websites). This is very risky and there is no reason to comply. Find another seller. In cases where there is no apparent alternative, consider faxing it instead (to a private fax machine).

What If You Already Made a Stupid Mistake?

Don’t be too hard on yourself. We all live and learn. Thankfully, the major credit card networks all have 0% fraud liability, so even if your card number is stolen and used you won’t be held liable as long as you catch the problem reasonably quickly.

If your card number has been compromised, just call the issuer and ask for a replacement with a new number. You’ll be inconvenienced for a few days while the new card is en route, and you’ll have to spend some time on the phone, but this is a rather small price to pay. Commit to handling your card with more care in the future, and you can avoid the worry.

If you suspect that you’ve become a victim of identity theft or your credit cards have actually been used fraudulently, click here to learn what you can do »

Credit Card Security Features

Standard Physical Features

At present, all cards used by American shoppers have a signature panel, magnetic strip, and a long account number. The card’s expiration date is there, no doubt, because ATMs retain any card that has expired. The account number is unique to the card’s owner.

Signature Panel

Believe it or not, a credit card must be signed, and a merchant can refuse to accept it if the signature box is empty, or even if the words “See I.D.” are printed there. Any attempt to erase the original signature will result in the destruction of the signature panel’s patternation, leave an obvious white spot, and even reveal the word “Void” that may be hidden under the panel.

Verification Number

A 3-digit code on the back of the credit card (4-digits on the front of American Express cards) that is required for processing any “card not present” transaction. Only a person who has or had physical possession of the card can know the verification code.

Embossed Name and Numbers

Originally for the purpose of running the card through a device that took a physical imprint of the card onto a credit card receipt via carbon paper, embossing also doubled as an anti-counterfeiting measure in the early days. Card imprinting is obsolete and rarely used in Western commerce.

Magnetic Strip

The magnetic strip also common to all cards contains coded information that bank are understandably reluctant to reveal. When it was created, it negated the need for carbon paper, but is now becoming an obsolete feature because it transmits unencrypted data. It is subject to skimming and interception, and has already been largely phased out in Europe.

Chip Cards

Europe has already shifted from magnetic stripes to chip cards, and the United States is following suit. Embedded microchips are nearly impossible to duplicate and can be combined with other security features to make credit card fraud extremely difficult.

Duplicate Full or Partial Account Number on Front or Back

The four digits printed on the front of a card (on all Visa cards, for example) must match the first four digits embossed on the card. The last four digits in the account number may also be repeated in the signature box on the back of the card. On Discover cards, the full account number appears in reverse in the signature box, and on the Discover it® cards the account number is not included on the front at all.

Photos as Security… or Not

Photos on credit cards were first introduced in the 1990s as a security measure. Since the photo of the card owner was displayed on the front of the card, issuers and consumers believed (hoped?) that a merchant would refuse to process a transaction requested by anyone not matching the image. Unfortunately, there is no evidence to show that photo cards have been less likely to be used fraudulently than any other type of credit card.

As a security measure, photos quickly became obsolete. A photo is a nice touch, but does almost nothing to beef up the security on your card. It might preclude the need to show identification to a merchant who requests it, but for every merchant who checks the photo there are many others who won’t give it a passing glance. Any peace of mind gained from the photo is without a real foundation.

Holographic and Other Images

Images are anti-counterfeiting features, with holographs the standard on most credit cards. Each card issuer also adds its own images. MasterCards, for example, have a stylized “MC” on the front of the card, and Discover adds a watermark to the signature box.

The Laws of Probability

To stop a criminal from inventing a workable but bogus sequence of numbers, banks depend on statistical probability. If only 65 million out of 10 trillion possible account numbers are assigned, the statistical likelihood that someone will chance upon a valid account number is very low. This will not help, of course, if someone gets a real number and puts it to criminal use.

Usage Monitoring

Increasingly, card issuers (among them, Chase, United Services Automobile Association, Pentagon Federal Credit Union and Navy Federal Credit Union) ask customers to tell them about travel plans, dates and places – especially foreign travel.

In this way, the customer’s routine credit card purchase behavior on home turf will not suddenly signal alarm when a sudden purchase pops up in a distant location (an alarm that may trigger the card’s pre-emptive cancellation by the bank’s computer). Purchase monitoring is already standard operating procedure with American Express, Discover, MasterCard and Visa, but not in equal measure.

Additional Security Features

 A further modicum of security is available from Citibank and Bank of America who will add the customer’s photo to a credit card upon request. But photos have only limited security value. Thanks to on-line shopping and in-store point-of-sale keypads, a photo card is not a tough challenge for an identity thief.

Temporary purchase numbers are another protection, and recommended by some experts. They work when you log into your account and use a special, one-time generated number to pay. A new number can be generated for each purchase, or a sequence of numbers may be set up for multiple purchases. The feature is most secure for single use only. The downside is that temporary purchase number generation adds a layer of complexity and inconvenience that may not appeal to many people.

To learn more what makes up a credit card, check out our page on the Anatomy of a Credit Card »
Was this helpful?

The Insider

Brendan Harkness
Review of the Uber Visa Card
Brendan Harkness | Jun 21, 2018

The Uber Visa Card, issued by Barclays, offers 4% cash back at restaurants, including UberEATS, 3% back on hotels and airfare, and 2% for online purchases.

Read More
Susan Shain
Do No-Interest Credit Cards Really Exist?
Susan Shain | Jun 20, 2018

Is that 0% APR offer too good to be true? Here's what you need to know about no-interest credit cards in 2018 and how to choose the best card for you.

Read More
Susan Shain
What’s the Highest Credit Score and Why Does It Matter?
Susan Shain | Jun 15, 2018

We all want high credit scores, but should you reach for perfection? Here’s what you need to know to get and maintain the highest credit score possible.

Read More