Liz Weston: What are some “good hygiene” rules that help make credit cards less vulnerable to fraud?
Dear Liz: We have a primary credit card, which we use all the time, which collects the airline miles we use to travel. Every few months it gets “compromised” and we have to get a new one. Is there anything we’re not doing right? Are there “good hygiene” rules for bank cards?
Answer: Yes, and most involve reducing the number of places that have access to your card information.
Many online retailers and web browsers offer to save your card information to make future purchases easier.
While these autofills save time, they mean that your credit number information is stored in databases beyond your control. Declining this option – and removing your stored maps from browsers and retail accounts – means less convenience but more security.
Another option is to add two-factor authentication to your retail accounts, making them harder to break into. This would require you to enter a code that is texted or emailed to you or generated by an authenticator app.
Some credit cards offer the possibility of using virtual numbers online. If yours does, this is another option worth using. The retailer never has access to your real credit card number, so they can’t end up in a potentially vulnerable database.
You can avoid exposing your credit card numbers when shopping in person by using mobile payment apps like Apple Pay and Google Pay.
These apps create a “token” from your credit card information that is passed to the merchant when you want to buy something. Again, the merchant never sees and cannot store your card details.
Other best practices include avoiding dangerous merchants and sites. When shopping online, always make sure that the little padlock symbol appears on the left side of your browser’s address bar and that the site address begins with “https” rather than “http” . If a site doesn’t offer these basic security features, you shouldn’t shop there.
Beware of in-person merchants using old-fashioned swipe card readers, ones that require you to swipe, with no ability to touch or insert your chip card. It’s much easier to clone information on a card’s magnetic stripe than on its chip, so avoid swiping if possible.
Also beware of skimmers and shimmers, which are devices that thieves install on ATMs and unattended fuel pumps to steal card information. These devices can be difficult to detect, so consider paying for your gas inside the station and using ATMs attached to banks.
You should also avoid using public Wi-Fi for any financial transactions, as these networks are usually unencrypted and easily compromised. Finally, be on the lookout for phishing attempts, which is when criminals attempt to trick you into divulging credit card information and other sensitive personal information by pretending to come from a trusted source.
Understand that you can do everything right and that criminals can still steal your card information. Luckily, you’re protected against fraudulent charges, so a compromised card is more of a hassle than a financial disaster.
Liz Weston, Certified Financial Planner, is a personal finance columnist for Nerd Wallet. Questions can be sent to him at 3940 Laurel Canyon, No. 238, Studio City, CA 91604, or by using the “Contact” form at asklizweston.com.