AskCyberSecurity.com

Cyber Security News & Information

AskCyber Home » News » data privacy » How NOT to Secure Credit Card Data

How NOT to Secure Credit Card Data

by

How Not to Secure Credit Card Data

The average card holder will have erroneous charges on their account at least once every year. A stat like may leave you wondering how to secure your credit card data. Is it even possible? Credit card data is difficult to protect. Recently I shared my experiences with my credit card fraud. My card numbers (not the physical card) was lifted somewhere in Manhattan, New York in August 2016. Earlier that same year, the card numbers of someone I was traveling with were skimmed as we walked the Las Vegas Strip at night. Since then, when I travel, I use an RFID blocking wallet. Really, I should be using it every day, right?

I know how hard it is to secure credit card data and know that no matter hard how I try, the hackers are out there waiting for the next path in. Here’s another story, this time it’s about how NOT to protect your credit card data. This may be the start of a series, called “cyber fails” or something like that. But it’s not actually cyber related, but it could be!

Today I stopped in the market to pick up a few things for dinner. I grabbed a bag of snacks for my daughter and then rounded the corner to the produce aisle. As I cruised toward the bananas, I saw a woman on her cell phone at the end of the aisle. She was reading all her credit card information over her phone, obviously shopping over the phone – in the middle of another store. She read everything, I heard it all – the credit card number, the expiration date and the CVV code off the back of the card! Really!

It’s not a cyber related issue but it could easily develop into one. If I was a thief, all I had to do was record her own words or write down the numbers. I could rack up a few days of charges before her bank ever caught on. The last time my card was stolen, the thief made a two dollar charge every morning. The bank told me this was to see if the card was still active, i.e. they weren’t caught yet. Since I was traveling at the time, I was NOT checking my bank attachments because I would have to use the hotel WiFi to do so. The pitfalls of using public WiFi are covered in this blog post. It took two days for my bank’s algorithms to catch on and send me a robo-call. The card was then shut down.

I’ve switched banks since then. Now I have all my cards send me an SMS text whenever there is any activity, regardless of the dollar amount. My bank also holds up charges too. They have a wonderfully added layer of security for suspicious purchases. They’ll block a purchase temporarily, send me an SMS message asking for an approval and wait for my reply. See that blog post about a secure credit card.

We cannot block all hackers, but we can take steps to help prevent credit card fraud. Certainly, reading your own numbers aloud in a public place is not the way

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers