The credit card companies are full of good advise like "never hand your credit card to anyone you don't know", and "check for card skimmers before inserting your card", but this type of advice seems more self-serving and disingenuous than "Black Friday" and "Cyber Monday" require. So I've prepared a list of 5 counter-fraud tips that are in the consumer's best interest and that you're not likely to hear from your bank.
1) Stare. It's no longer considered rude to stare at your card for the entire time it's in the hands of a clerk or waiter. With billions of dollars being stolen every year by 'nice' people with skimmers in their pocket, the only thing stopping them from reaching in and giving your card a swipe is keeping your eyeballs fixated on your card. If their hands go under the counter, lean in and watch closely. If they walk away, follow with your eyes, and even your feet if necessary, but keep your eyes on your card. Most of these people skimming are not hardened criminals, but rather criminal opportunists, and if they feel eyes upon them, they are much more likely to skip your card and move on to the more polite chap in line behind you. To see how easy these skimmers are to use, take a look at the video interview I did over at the WSJ.
2) Shield. Debit cards are being used with far greater frequency, both due to the economy and clever advertising trying to herd us onto lower cost systems. But debit cards come with a huge and under-reported cost -- there is no "$50 dollar limit" to your loss. If someone skims your debit card and uses it to buy a plasma screen, you end up paying. So the only thing standing between you and buying some crook a plasma is your four digit PIN. And while many of you (but not nearly enough) have gotten accustomed to shielding your PIN entry at the ATM, very few of you do it at the grocery or retail store checkout counter. This season especially, you should expect that there are cameras trained on the checkout terminal, and that the 'nice' people around you are really memorizing your digits. So lean in and cover your PIN entry from every angle, because the digits you save will be the money in your account.
3) Change. With almost one billion account numbers already compromised world-wide, the chances that your credit or debit card numbers have already been stolen are high. So the best way to stop them from being used is to call your bank, tell them you think your number might have been compromised, and ask them to issue you a new card with a new number. And do this every few months to be safest. For those of us who do automated bill pay (myself included) there is a hassle factor in changing our numbers, but writing as one who has also endured repairing a skimmed card, I promise it's easier to update your bill pay system than fight all the fraudulent charges that will keep haunting you. And when you ask for a new number, ask your bank for a completely new number, as the bad guys have already figured out the clever little 'number increment' algorithm many banks use to replace a card. Make sure your new card has at least 8 different digits at the end of your card number. Your bank may squeal that it's not necessary, but it is and you should make them do it for you.
4) Check. OK, this one you've heard before, in terms of checking your credit, and I hope by now most of you check your credit with the three credit services (and I really hope you know that the services with 'free' in their name really aren't, but the Government runs a service called http://www.annualcreditreport.com/ which is really free). But I'm not referring to checking your credit report here. I'm referring to checking your credit and debit card statements online. Every day. Again, a bit of a hassle (though there are some new phone apps that make it simple to do), but it's critical to safeguard your money. The average time between skimming a card and using a card number online is 3 days. The average time between skimming a card, counterfeiting 'white plastic', selling that new card with your information, and it being used is now only 10 days. So if you wait for your monthly bill, you've lost already.
5) Authenticate. All of this may soon be a thing of the past, as the newer credit and debit card terminals can now tell the difference between an authentic card and a counterfeit by looking at the natural properties of the magnetic stripe itself. This process, called card authentication, allows merchants to simply reject counterfeit cards, making the staring and shielding and changing and checking a thing of the past, and allowing us to get back to trusting one another. But until it's universally adopted, push your banks and favorite merchants to agree to perform the authentication check (at http://www.nocardfraud.com/ ), so at least your information is safe.
Credit and debit card fraud is a big problem, and it shouldn't be the consumer's to solve. But until we get our banks and merchants to perform the card authentication check, we've all got to look out for our own money, especially in this holiday buying season. I wish you safe and happy holidays.
Tom Patterson is the Chief Security Officer at MagTek Inc., and leads the financial industry Campaign to Wipe Out Counterfeit Card Fraud (www.NoCardFraud.com ). Tom can be reached at CSO@MagTek.com, or followed on www.Twitter.com/TomTalks