Legal, Regulatory, and Privacy Issues

How to avoid credit card security overkill


While protecting your credit and money is important, it’s also possible to go to unnecessary extremes, causing undue stress and hypervigilance

The content on this page is accurate as of the posting date; however, some of our partner offers may have expired. Please review our list of best credit cards, or use our CardMatch™ tool to find cards matched to your needs.

When it comes to financial security, you can never be too cautious. Wherever you live, scammers always seem to be one step ahead of consumers and the authorities.

For example, in June 2017, a new breed of virtually undetectable skimmers using infrared technology were discovered in ATMs in Norman, Oklahoma, allowing thieves to steal debit and credit card information. You better conduct all business inside the bank from now on, right?

Not so fast. While protecting your credit and money is important, it’s also possible to go to unnecessary extremes. Here are the most common payment security overreactions and suggestions for transforming them into more rational – and effective – defensive practices.

1.Check credit and bank statements to watch for fraud.
2.Shop online only via secured websites.
3.Use fraud alerts, or in extreme cases, a credit freeze.
4.Use credit cards regularly and carefully.
5.Check credit reports annually.

Overreaction: Refusing to give your credit card to a waiter.
Much has been reported lately about how wait staff can take your credit card “in the back,” steal its information with a skimmer and then create cloned cards. Annika Stensson, director of media relations for the Washington, D.C.-based National Restaurant Association, says to relax.

“Like every other merchant, [restaurants] must comply with standards, and those requirements have double and triple security,” says Stensson.

Restaurants, “don’t store PIN data, the point-of-sale (POS) systems are customized, and they don’t use passwords.”

Bad eggs are weeded out, too. “It’s in the best interest of restaurants to keep transactions safe since they rely on repeat customers,” she says, stressing that owners and managers press criminal charges against thieves.

Sensible: Charge your meal, but “check your credit and bank statements and keep your receipts,” says Stensson.
If you spot a discrepancy, call the restaurant to quickly resolve it, and remember you won’t have to pay for fraudulent charges.

Look for increased levels of security against secret skimming, too. More restaurants are offering a “pay at the table” option with tabletop or handheld POS systems. With them, your card will never be out of your sight.

Overreaction: Not purchasing anything online.
If you’re reluctant to type your credit card numbers into a retailer’s website for fear of being hacked, you’re got plenty of company. A 2016 study conducted by the Department of Commerce found that half of U.S. internet users are “deterred” from online shopping due to privacy and security breach worries.

Hillary Mendelsohn, founder of The Purple Book online shopping guide, says much of the danger is a myth. Besides, she says, you miss out on a lot when just sticking to brick-and-mortar stores, including, “the ability to have the entire shopping world at your fingertips, the convenience of having things delivered and getting better deals.”

Sensible: Look for the “s” in the website URL.
Before charging, make sure the page of the website where you enter your card information begins with “https” rather than just “http.” The “s” stands for secure.

Mendelssohn also recommends looking for the seal of an outside security company, such as the TRUSTe symbol at the bottom of every page, and she says you should never give your credit card information as payment via email. And she also advises monitoring your card activity online weekly to watch for fraudulent activity.

Overreaction: Imprisoning your credit file without probable cause.

The three major credit reporting agencies, TransUnion, Experian and Equifax, give consumers the right to restrict access to their credit reports to potential lenders.

With a credit freeze in place, thieves would have a hard time opening or altering accounts because issuers can’t approve requests without that information. However, credit freezes should only be used when you’re genuinely at risk for fraud, such as when a family member has used your personal details to open accounts in your name.

Two things to note: There is a fee to add and remove a credit freeze, unless you’ve already been a victim of identity fraud. And if you’re in the market for a credit card, loan, insurance product, or even a job, a credit freeze can take up to three business days to thaw.

Sensible: Consider setting up a fraud alert.
An initial fraud alert is free from any of the three credit reporting agencies (the one you contact will notify the other two), and will also act as a barrier to identity theft.

A fraud alert is a good tool if you’re concerned fraud might occur. Any business that checks credit reports must first verify your identity before approval. A fraud alert lasts for 90 days and is renewable. An extended fraud alert lasts for seven years, but you’ll need to already be a fraud victim and have filed a police report to get one of those.

Overreaction: Completely rejecting credit.
A cash-only lifestyle may appear safer than one that incorporates credit cards, but that’s just not so, says Boston-based identity theft expert Robert Siciliano.

“Credit is safer than cash,” says Siciliano. “I don’t worry about my credit cards or fraud at all. I use them over the phone, in real life, online, everywhere.”

After all, lost or stolen cash is gone for good, but if someone else uses your plastic, you typically won’t have to pay for the fraudulent charges, unless you purposely hand over your card to someone to use. And, if you avoid borrowing from a bank altogether, you won’t build a good credit score and history – two things you’ll need if you ever want to finance a home or get low rates on insurance or car loan.

Sensible: Use credit cards, but pay attention to your statements.
“Check them online at a minimum every month,” says Siciliano. “Every two weeks is better – this way you can monitor fraud as well as your spending,” says Siciliano.

Take advantage of bank and credit issuer alerts, too, which will notify you via text when transactions occur. This way you’ll know in real time if someone else is fraudulently using your card.

Video: Protect your identity in ways chip cards can’t

Overreaction: Pulling credit reports constantly.
Should you keep a close watch on your credit reports? Absolutely. But John Ulzheimer, credit report authority and author of “The Smart Consumer’s Guide to Good Credit,” warns against excess.

“It’s definitely unnecessary to check your reports every day or every week,” says Ulzheimer. “The information won’t change that rapidly, so it’s a waste of time and money.”

Sensible: Pull credit reports semi-annually.
Under most circumstances, getting your consumer credit reports at once a year for free is adequate. You can pull one from each of big three credit bureaus every four months. You can also get your free TransUnion credit report and track your credit at

However, says Ulzheimer, if you’ve had experience with identity theft in the past, be more diligent than checking your credit reports semi-annually. “Quarterly is a healthy frequency,” he says. If you have been a fraud victim, he also suggests subscribing to a credit monitoring service, as that can be more efficient and less stressful than doing it on your own.

With so much press about identity theft and fraud, it’s easy to become overly skittish about having and using credit. But don’t let it stop you from taking advantage of the conveniences and protection credit cards offer. A few smart precautions can go a long way

See related: Infographic: Higher fraud numbers can mislead, How to check for, fix ID theft or fraud, Credit monitoring services: How to pick the best one

Editorial Disclaimer

The editorial content on this page is based solely on the objective assessment of our writers and is not driven by advertising dollars. It has not been provided or commissioned by the credit card issuers. However, we may receive compensation when you click on links to products from our partners.

What’s up next?

In Legal, Regulatory, and Privacy Issues

9 steps to take if your credit card data is hacked

When it comes to protecting customers, all banks are not alike — but what can you do if your bank’s database gets hacked?

See more stories
Credit Card Rate Report
Cash Back

Questions or comments?

Contact us

Editorial corrections policies

Learn more