Many or all of the companies featured provide compensation to LendEDU. These commissions are how we maintain our free service for consumers. Compensation, along with hours of in-depth editorial research, determines where & how companies appear on our site.
As the holiday shopping begins you will soon hear and see warnings from local law enforcement agencies and retailers discussing the elevated risk of credit card fraud due to the increased volume of credit and debit card transactions. Credit card companies updated nearly every credit and debit card this year with an embedded EMV security chip to help reduce the possibility of in-person credit card fraud. With the widespread distribution of chip cards, are consumers safer shopping online or in-person this holiday season?
How Credit Card Fraud Happens
Credit card fraud happens in two common ways. The first way is from a practice known as skimming. This is where card thieves install malware (a malicious computer program) or a very small device on a card reader machine that wirelessly transmits personal payment data each time the magnetic strip on the back of a credit or debit card is swiped.
The EMV chip now found on the front of most credit cards has been employed by the credit card companies to prevent skimming as it uses a random code, instead of static personal data stored on magnetic card stripes, to complete each transaction. As it has been a year since merchants have been held responsible for reimbursing fraudulent purchases, a lot of merchants can still only accept the traditional magnetic strip payment transactions. At least most major “big box” retailers can accept EMV payments, something they couldn’t say last Christmas.
The second method of fraudulently acquiring credit card data is from data breaches. As EMV card transactions become more prevalent across the country, this is quickly becoming the “next frontier” to steal sensitive payment information. Hackers simply break into the payment information servers of various merchants, think T.J. Maxx in 2007 that affected over 45 million consumers or create fake mobile apps and websites that look nearly identical to the real merchant marketplaces. Before retailers and customers realize, it is too late and the hackers have probably received enough information to create duplicate credit cards and making phony purchases.
As the closing weeks of the year are the busiest commercial time each year, credit card thieves and hackers are working just as hard to steal the increased business volume. And, they can strike using some of the methods mentioned above. The adoption of EMV chip cards in the U.S. will be put to the test this holiday season to gauge the effectiveness of this new credit card payment method that will be widely used by consumers at the giant retailers. This technology has been employed for almost 30 years now across Europe and has greatly reduced the prevalence of in-person credit card fraud. But, online fraud has continued to increase each year.
Is Shopping In-Person Safer?
Yes and no. As more merchants begin accepting EMV chip cards instead of swiping your credit or debit card, the possibility of skimming is nearly impossible for EMV transactions. But, many ATMs and gas station pumps are not required to have the new capabilities until 2017. Unmonitored or remote locations like the after-hours bank ATM or self-serve gas pumps have always been and are still the most likely place for credit cards to be skimmed.
It is a lot harder for a thief to access a card reader at a major retail establishment like Wal-Mart where a cashier is always present. The greatest risk of in-person card fraud, at the moment, is at gas station pumps because they are unmonitored and easily accessible to thieves. Always look for evidence of tampering or thin transparent pieces of plastic in the card reader slot.
For in-person transactions, merchants still store the payment information on an online server. With EMV transactions, payment information is still stored on their servers, but, because each EMV transaction uses a unique one-time computer code, most of the information is useless to the hackers. But, this doesn’t mean that retailers and credit card security experts can go on vacation this holiday season. Hackers continue to become more innovative and the “good guys” are always competing to stay ahead of the curve. Unless you pay with cash, any digital transaction is susceptible to data theft.
If you purchase online, it doesn’t matter if you have an EMV chip card or not. For “card not present” transactions, when credit card data is keyed in manually instead of swiping or inserting the chip, hackers can acquire this information from breaching payment servers. It’s the digital equivalent of card skimming. While they might not make a physical duplicate card and go on a spending spree in-person, they can use your card data to make online purchases for themselves as well.
Overall, it probably is safer to shop in-person instead of online when it comes to credit card fraud. But, then you run the risk of vehicle break-ins in retail parking lots or losing your wallet. Whether you shop online, in-person, or both, it is recommended to routinely monitor all your credit accounts for questionable purchases or potential identity theft.
Author: Jeff Gitlen
Best Credit Cards by Type
Credit Cards by Brand