At hotels, supermarkets, or online shopping from your couch at home: You can quickly pull out your credit card – and your trip, groceries, or new shoes are paid for. Credit cards are practical, no question about it. But unfortunately, they are never 100% safe and the more they are used, the higher the number of cases of credit card misuse.
What is credit card fraud or credit card misuse?
Credit card fraud is when the card is stolen or falsified and used for illegal purchases. Online credit card misuse isn’t much different from physically stealing the card itself. There are three types of credit card fraud:
1. Card theft
If fraudsters steal your physical card, they can use it to pay right away – in stores and online shops.
2. Theft of electronic data
All cyber criminals need to make purchases in online shops or to make payments online is the card number, the name of the card holder and the security code.
3. Data theft from credit card providers and online shops
Time and again, Internet fraudsters and hackers pull off large-scale theft of the credit card data of customers from online shops or hotel chains.
Are credit card payments even secure? What would be the alternative?
There will never be absolute security in credit card payments – regardless of whether they are made physically or online. There are several alternatives: Buying on account, paying in advance, or paying through a payment service like Twint or PayPal. At the same time, the convenience of credit card payments cannot be dismissed and so it is probably best to familiarize yourself with the potential risks.
Are there major differences in security when it comes to credit card payments?
Payment services such as PayPal or Twint have the advantage that these systems are exclusively geared to payments and the providers invest a lot of time and money to make their service as secure as possible. Thus the security standard is accordingly high. By contrast, if I make a payment in a small boutique which “also” offers credit card payments, I, as the customer, must trust that the shop operator maintains their system, thus guaranteeing security. Another advantage of payment services such as PayPal that should not be underestimated is the buyer protection they offer. In the event of misuse, this means the customer then has another authority besides the credit card provider that will intervene if problems occur.
For some online shops, I also have to enter a code I receive by text message. Does that increase security?
Absolutely. Whenever possible, “two-factor authentication” should be used. This applies equally to payments and to logins. The additional identification of the user with the second component improves security considerably yet again.
Card holders often realize their data has been stolen months after the fact because they do not regularly check their statements. In many cases, it is then already too late to make a complaint about the credit card misuse. Banks and credit card providers only have to reimburse the lost money if the complaint is raised within a time period defined by the card provider.
Do I have to bear the financial loss incurred?
In general, there is a good chance that your bank or credit card company will pay for the loss in the event of misuse. But on the condition that you have fulfilled your duty of care. In short: Never save PIN codes near your card and always keep your PIN code well concealed when you type it in.
The duty of care also includes regularly checking your statements and reporting problems in good time.
Should I immediately raise an objection if I discover irregularities on my credit card statement?
If you find suspicious or obviously fraudulent transactions on your statement, you should block the card immediately. With most providers, this can easily be done on your computer or cell phone, or via the relevant telephone hotline.
In a second step, you should contest the suspicious amounts or transactions and lodge a complaint. The corresponding forms can be found on the website of the provider, bank, or credit card company. The objection must be made in writing and signed. A call is not enough. As a rule, you have 30 days to do this. If you miss this deadline, you may in the end have to bear the loss yourself.
As a final step, you should report the Internet fraudsters to the police – in many cases, a report is required as proof for the bank or credit card company.
For disputes, there is the bank ombudsman. For example, the ombudsman advises credit card holders regarding whether it is worthwhile in the situation in question to fight for a lost amount of money.