Take a few seconds to open your wallet and look at your credit card. Notice anything different about it than you did a few months ago? Your credit card issuer most likely sent you a replacement card in the mail a few months ago that has an embedded metal chip on the front.
Your old card still worked perfectly fine, but this one is more secure and will greatly reduce the chances of credit card fraud. This forces credit card thieves to work much harder to steal your payment information, and unfortunately, credit card fraud still happens as fraudsters move to online shoppingsites instead.
Why the Transition?
The credit card issuers’ self-imposed mandate of reissuing all credit and debit cards with an EMV chip is a decades-old technology that has greatly reduced in-person credit card fraud in Europe. While the majority of U.S. merchants still do not have the capability to accept EMV chip cards, the number is increasing each day. As more merchants, ATMs, as gas pumps upgrade their payment systems, fraudsters will no longer be able to skim payment information from the magnetic strip that is vital to make a functioning counterfeit credit card. With an EMV chip, the payment is processed with a one-time access code from the credit card to the credit card reader.
As a result of the technology upgrades, credit card thieves are having to get more innovative in their methods to steal personal payment information. This means they are shifting towards new methods of attack such as targeting the payment servers of online merchants. While an EMV chip card can make it near impossible for a thief to steal your card information in the checkout line, EMV technology is no different than the outdated magnetic strip when it comes to online transactions. They can siphon online credit card information from any location with an internet connection and breach a payment server and having access to sensitive information.
In recent years, data server breaches have been widespread with one of the largest events being the 2007 T.J. Maxx data breach affecting 45 million+ consumer accounts. While most breaches are not this widespread, they happen all the time across the globe. As the world becomes more digital each year, the presence of online credit card scammers will more than likely increase instead of decrease. Even if thieves do not steal credit card information, personal information stolen from digital medical records breaches can allow thieves to assume a fake identity, apply for a fraudulent credit card, and go on a spending spree.
Online Credit Card Fraud Statistics
According to the 2016 American Express Digital Payments Security Survey, approximately 48% of the survey respondents who shopped online had experienced payment fraud within the past 12 months. Online merchants are losing an estimated 8.6% on annual revenue because of fraud. As 70% of merchants have reported an increase in online and mobile sales since last year, online credit fraud is the next looming challenge for consumers, merchants, and the credit card companies to keep the costs of card fraud low.
American online credit card fraud, also referred to as “card not present” fraud because a card isn’t physically swiped to complete the fraudulent transaction, is estimated to reach $4 billion in 2016. It was $3.2 billion in 2015 and is expected to increase to $7 billion in 2020. While some of these estimates will stem from fraudulent “card present” transactions, the majority of the fraud will stem from online theft once most brick-and-mortar merchants and gas stations begin accepting EMV payments.
How Consumers Can Prevent Online Card Fraud
There are a couple actions steps that consumers and merchants can take to prevent data theft. Consumers are at risk of having their data stolen anytime they submit their card information on an online website, but, there are ways to reduce the risk factor.
Do Not Store Payment Information on Merchant Server
By saving your favorite credit card on the merchant’s server, while convenient, can increase the likelihood that the card information can be involved in a data breach as thieves are usually only able to obtain data from a specified time period. As an example, your most recent purchase was in February from a digital store. The company recently discovered a breach for all card data on record between June and July. If your card data was stored, it’s possible that it could have been involved in the breach even though it wasn’t used to make a purchase.
Plus, if hackers can figure out your password they do not even have to know your credit card number beforehand if the information is stored for future purchases.
Shop on Secure Websites
Just like your online bank has additional security layers activated to prevent fraud, you should only try to shop on merchant websites with a secure payment server. The easiest way to determine this is that the URL address will begin with https:// instead of the standard http:// before the domain name. This means the site is encrypted and harder to hack.
Only Use One Credit Card for Online Shopping
Only using one card for online shopping makes it a lot harder for thieves to steal your payment information. In the event of a data breach, you will still most likely have a spare credit or debit card that you can use for purchases until a replacement is issued.
Do Not Use Unsecured, Public Wi-Fi
If at all possible, shop on a password protected Wi-Fi network at home, instead of at the public library or coffee shop. Unsecured networks make it easier for scammers to intercept your computer and internet activity. With a little time, they can obtain the information required to complete phony purchases.
How Merchants Can Prevent Online Card Fraud
While consumers can develop some secure shopping habits, merchants can also update their websites to make it more difficult for thieves to steal information. Online fraud will still happen, but it will become less prevalent.
Encrypt Order Payment Process
One of the easiest steps a merchant can take is using an encrypted payment process. This means their URL address will be https://onlinestore.com instead of http://onlinestore.com. The extra letter shows that the website is encrypted, making it harder for hackers to steal information and it also makes customers feel more secure.
Require CVV Verification
According to the 2016 American Express survey, approximately 80% of consumers are willing to enter the three digits on the back of the credit card to verify the purchase. Approximately 57% of retailers require the CVV to be submitted to complete the purchase. While thieves can obtain this number, it can stop some in their tracks that only have the actual credit card number and billing information.
Create a Customer Profile or Security Questions
Just as online banks require security questions to be answered to complete the login process, this can make it very difficult for thieves to hack into an account and helps protect against weak account passwords that are easy to guess.
Author: Jeff Gitlen
Join the LendEDU Newsletter
News, insights, & tips once a weekThanks for submittingPlease Enter a valid email
Best Credit Cards by Type
Credit Cards by Brand