BACK

Legal, Regulatory, and Privacy Issues

Will increased consumer mobility pose a threat to credit card security?

Experts weigh in on how to stay safe and still make convenient mobile payments

Summary

With increased consumer mobility, security issues take center stage. Will new measures need to go into place to protect people? Read on to hear what experts think.

The editorial content below is based solely on the objective assessment of our writers and is not driven by advertising dollars. However, we may receive compensation when you click on links to products from our partners. Learn more about our advertising policy.

The content on this page is accurate as of the posting date; however, some of the offers mentioned may have expired. Please see the bank’s website for the most current version of card offers; and please review our list of best credit cards, or use our CardMatch™ tool to find cards matched to your needs.

Online security protocols can be a real pain.

Logging in itself is often very frustrating – you forget your password, then when you try to reset it you forget the answer to one of your security questions. You take a stab at it, get it wrong and get locked out of your account.

And now that consumers are becoming more mobile each day — accessing their credit cards to make purchases on the go — security measures need to facilitate access, not hinder it.

The question is, how can credit cards remain secure with increased mobility? Will the old protocols be enough or will new ones need to be put in place?

Keep reading to hear what experts have to say on the subject.

Consider using temporary account numbers

Credit card companies already offer fraud protections so the user doesn’t have to worry about liability for unauthorized charges, Jason Reposa, CEO and co-founder of MyBankTracker, pointed out.

One solution to avoid fraud when you’re making on-the-go purchases is to employ temporary account numbers, or “virtual” credit cards.

A virtual credit card provides a merchant with a single-use number that changes each time you use your card — therefore your number, or token, is good only for that one purchase.

And because your number changes with each purchase, hackers can’t use it to commit fraud.

But they can also be clunky and inconvenient to use in their current state, Reposa said.

For example, depending on the service you use, returning a purchase to a merchant can prove difficult, because most want to reimburse you via your original method of payment.

Digital wallets could be a solution

“Another security measure worth noting is using digital wallets – such as PayPal, Mastercard Masterpass and Visa Checkout – that don’t require using card numbers,” Reposa suggested.

You can simply add a digital wallet app to your smartphone, which stores your payment information in an online account and tokenizes them, and make contactless payments right from your phone.

Tokenization is simply replacing data with an algorithmically generated number that replaces your credit card number; when you make a purchase the merchant can process your payment without seeing your actual bank information.

Although your chip card protects you against fraud when you pay for things at brick-and-mortar stores, tokenization can protect you when you make purchases online or via a mobile device.

Be smart about your smartphone

In order to keep your credit card information safe, it’s best to use only the payment platform that automatically comes with the phone, like Android Pay or Apple Pay – or use another reputable and trusted platform, said David Bakke, personal finance expert at Money Crashers.

There are likely plenty of fraudulent payment platforms available these days, but don’t take the bait, Bakke warned.

Also, keep in mind some apps you can download to your phone may contain malware or spyware, which could potentially enable someone to access your credit card information and result in fraud – so be wary in that respect as well, Bakke said.

“Make sure the remote lock feature is activated on your phone as well, in case it is lost or stolen. Give your device a strong, impenetrable password, and never make purchases using public Wi-Fi,” Bakke said.

Additionally, monitor your credit card accounts and look for purchases that don’t belong to you.

Bakke also suggested using another new convenience – contactless payments.

These types of payments – those you make by simply placing your phone or contactless credit card on the card reader – are essentially as secure as chip-enabled credit card payments.

See related:  Are contactless ‘tap-and-go’ credit cards about to take over the US market?

Monitor your cards

Robert Siciliano, CEO of the website Safr.Me, said consumers have little to no control over their credit cards being used without their authorization, period.

However, he feels that as long as consumers stick with the familiar idea of closely monitoring their card activity, they can at least refute unauthorized charges in real time.

“The most effective way to accomplish this is by setting up push notifications, which send cardholders emails or texts when their cards are swiped. This way, they can immediately contact their card company should the notification mean fraud,” Siciliano said.

Simon Zhen, research analyst for MyBankTracker, said the general sentiment regarding credit card fraud – in the way that it affects the end card customer – is reactive, not proactive.

Card issuers are already comfortable with the security protocols set in place, which allow them to guarantee card customers they won’t be out a single penny if legitimate card fraud affects their accounts.

For card customers, there’s an emphasis on catching these instances of fraud early on.

“This means setting account alerts to identify suspicious activity and simply taking a quick look at account statements on a monthly basis,” Zhen added.

“And, more and more, card issuers have introduced features that allow customers to lock and unlock their credit cards instantly through online or mobile banking,” he said.

See related: Credit card on/off switches: More card issuers adding them

Make sure your bank has your most current contact info

Sarah Strauss, head of fraud, U.S. Card at Capital One, said security is a top priority with financial institutions – and when customers are also proactive, those lines of defense become even stronger.

As a first step, consumers should make sure their contact information, including their mobile number, is always up-to-date with their bank so they can be alerted immediately if suspicious activity occurs.

And Strauss mentioned that Capital One offers ways to help users quickly detect fraud and keep tabs on their personal information while on the go.

For example, CreditWise from Capital One sends an alert if there are any meaningful changes on your Experian and TransUnion credit reports. It also tracks your Social Security number, and scans the dark web all in one place, for free – whether you’re a customer or not.

Eno, Capital One’s AI-based intelligent assistant, provides customers with proactive text and email alerts for potential fraud or suspicious activity. 

“Additionally, customers can boost their security with simple tips, such as downloading their bank’s app to give them on-the-go access to the latest security features like card lock and fraud reporting and signing up for instant transaction alerts so they can see spending in real-time,” Strauss said.

And never give someone – even if they claim to be a “trusted institution” – your personal information over the phone unless you called them directly, Strauss warned.

Mitigate retail security vulnerability

Amit Bareket is CEO and co-founder of Perimeter 81, a service designed to better secure network, cloud and application access for the mobile workforce.

He said three-quarters of retailers have experienced at least one data breach in the past, with more than half seeing a breach in the past year alone.

Currently, Bareket said, there exist significant gaps in retail cybersecurity, including a lack of IT support, poorly designed networks and systems that don’t have app and cloud control capabilities.

And this makes it easy for attackers to access vulnerable personally identifiable information (PII) and even make fraudulent transactions.

To mitigate these risks, Bareket said it’s essential to keep these tips in mind:

  • Ensure the site is secure: Make sure that the bank or online shop you are purchasing through uses Transport Layer Security (TLS), which encrypts your connection. To find out if a site is secure, look at the URL – if it starts with “https://” it is secure, but if it’s simply “http://” it’s not encrypted.
  • Set up bank account notifications: Some banks offer to send you free real-time notifications of any actions taken on your bank account, either by email or SMS. This is especially useful while traveling so you can monitor your transactions in real-time.
  • Encrypt your connection with a virtual private network (VPN): Protect your credit card information by using a VPN, a connection method used to add security and privacy to private and public networks by creating a secure, encrypted tunnel between your computer and the VPN remote server. Because a VPN connects to a remote server and directs your traffic through a secure network, you can safely use your credit card online with a protected connection.

See related: 3 major mobile payment security risks, and how to avoid them

Staying safe doesn’t have to be annoying

You have options regarding how you can increase your online security without significantly sacrificing convenience.

All of the experts agreed that setting up bank notifications to monitor your card activity is an excellent way to get alerts if there is any fraudulent activity on your credit card.

  • Keep your bank updated on your latest contact information so you can actually receive alerts.
  • Take care with your smartphone and use only the payment platform that automatically comes with the device or another reputable and trusted platform.
  • Consider using digital wallets – or even a VPN – for extra security. Whichever way you decide to keep yourself safe, make sure it’s not a nuisance.

What’s up next?

In Legal, Regulatory, and Privacy Issues

How can an immigrant forced to leave the U.S. manage credit card debt?

While legal action is unlikely, the debts could hamper your everyday life on your eventual return if your credit score has deteriorated.

Published: June 15, 2019

See more stories
Credit Card Rate Report Updated: July 10th, 2019
Business
15.61%
Airline
17.59%
Cash Back
17.68%
Reward
17.58%
Student
17.79%

Questions or comments?

Contact us

Editorial corrections policies

Learn more

Join the Discussion

We encourage an active and insightful conversation among our users. Please help us keep our community civil and respectful. For your safety, do not disclose confidential or personal information such as bank account numbers or social security numbers. Anything you post may be disclosed, published, transmitted or reused.

The editorial content on CreditCards.com is not sponsored by any bank or credit card issuer. The journalists in the editorial department are separate from the company’s business operations. The comments posted below are not provided, reviewed or approved by any company mentioned in our editorial content. Additionally, any companies mentioned in the content do not assume responsibility to ensure that all posts and/or questions are answered.