At hotels, supermarkets, or online shopping from your couch at home: You can quickly pull out your credit card – and your trip, groceries, or new shoes are paid for. Credit cards are practical, no question about it. But unfortunately, they are never 100% safe and the more they are used, the higher the number of cases of credit card misuse.
Katrin Sprenger from the start-up Silenccio and Isabelle Näf, an attorney at AXA-ARAG, have tips on how you can prevent credit card fraud. And they explain what you should do if you fall victim to credit card misuse.
Credit card fraud is when the card is stolen or falsified and used for illegal purchases. Online credit card misuse isn’t much different from physically stealing the card itself. There are three types of credit card fraud:
1. Card theft
If fraudsters steal your physical card, they can use it to pay right away – in stores and online shops.
2. Theft of electronic data
All cyber criminals need to make purchases in online shops or to make payments online is the card number, the name of the card holder and the security code.
3. Data theft from credit card providers and online shops
Time and again, Internet fraudsters and hackers pull off large-scale theft of the credit card data of customers from online shops or hotel chains.
There will never be absolute security in credit card payments – regardless of whether they are made physically or online. There are several alternatives: Buying on account, paying in advance, or paying through a payment service like Twint or PayPal. At the same time, the convenience of credit card payments cannot be dismissed and so it is probably best to familiarize yourself with the potential risks.
Payment services such as PayPal or Twint have the advantage that these systems are exclusively geared to payments and the providers invest a lot of time and money to make their service as secure as possible. Thus the security standard is accordingly high. By contrast, if I make a payment in a small boutique which “also” offers credit card payments, I, as the customer, must trust that the shop operator maintains their system, thus guaranteeing security. Another advantage of payment services such as PayPal that should not be underestimated is the buyer protection they offer. In the event of misuse, this means the customer then has another authority besides the credit card provider that will intervene if problems occur.
Absolutely. Whenever possible, “two-factor authentication” should be used. This applies equally to payments and to logins. The additional identification of the user with the second component improves security considerably yet again.
The question shouldn’t be “How often should I change my password?” but rather “How strong is my password?”. The strength of a password is defined by the amount of time needed to hack it. If the password is strong enough, then it is sufficient to change it every six to eight weeks. Today, many devices recommend extremely secure passwords when you create a new account, thus increasing the security of your login data.
Card holders often realize their data has been stolen months after the fact because they do not regularly check their statements. In many cases, it is then already too late to make a complaint about the credit card misuse. Banks and credit card providers only have to reimburse the lost money if the complaint is raised within a time period defined by the card provider.
If you notice your credit card has been stolen or misused, you should remain calm and quickly take the following steps to prevent larger losses. It doesn’t matter if you were the victim of a “real” theft – for example, if your wallet was stolen – or if Internet fraudsters stole your credit card data.
In general, there is a good chance that your bank or credit card company will pay for the loss in the event of misuse. But on the condition that you have fulfilled your duty of care. In short: Never save PIN codes near your card and always keep your PIN code well concealed when you type it in.
The duty of care also includes regularly checking your statements and reporting problems in good time.
For disputes, there is the bank ombudsman. For example, the ombudsman advises credit card holders regarding whether it is worthwhile in the situation in question to fight for a lost amount of money.
If you find suspicious or obviously fraudulent transactions on your statement, you should block the card immediately. With most providers, this can easily be done on your computer or cell phone, or via the relevant telephone hotline.
In a second step, you should contest the suspicious amounts or transactions and lodge a complaint. The corresponding forms can be found on the website of the provider, bank, or credit card company. The objection must be made in writing and signed. A call is not enough. As a rule, you have 30 days to do this. If you miss this deadline, you may in the end have to bear the loss yourself.
As a final step, you should report the Internet fraudsters to the police – in many cases, a report is required as proof for the bank or credit card company.