Robert Siciliano Identity Theft Expert
In a recent article in Computer World, Tom Patterson CSO of Magtek, with his Glamor Shot photo, provides “5 counter-fraud tips you’ve never been told”. Anything a consumer can do to reduce their risk for account takeover, they should exercise. While in most cases the consumer isn’t responsible for the losses, as long as you refute the fraud in a specified time frame, and it’s your duty as a citizen to do so. Studies show much of the terrorists funding is coming from card fraud. Card fraud is a breach of national security.
Tip#1 Stare down your waiter, waitress, gas station attendant or anyone who you hand your card. Or at least stare at the card in process. You want to see where that card is going and how it’s being used. The idea here is to make sure the card isn’t being “skimmed” with a skimmer. This is good advice when it’s possible. Most waiters, gas station attendants walk away with the card. This really only works at a POS where the clerk never leaves the terminal. What you should see is the clerk swiping the card through a PC/register based fixed keyboard or terminal. If you see them swipe the card in a handheld skimmer or something on their body, like attached to a belt or ankle that’s a redflag.
Tip#2 Shield your pin. This is absolutely necessary at any POS or ATM. The public nature of these devices makes it very easy for someone to shoulder surf and grab your pin. A cell phone video cam over your shoulder, a video camera from 50 feet away, binoculars or even a hidden camera attached the to face of the ATM can all compromise your pin. See here as explained in this video I did on ExtraTV demonstrating how I bought an ATM off Craigslist and rolled it all over Boston.
Tip#3 Change your card number. With millions of card numbers hacked over the last few years, chances are yours was compromised. I for one have had 3 changes of credit cards due to card issuers being proactive and sending me a new card whether I liked it or not. Tom suggests voluntarily changing your credit card number every few months. While this is an extra layer of protection, it’s not at all practical and I doubt even Tom does it. I have numerous EFT’s set up with my cards and changing the number means changing them as well. It’s enough of a burden to change it all when the banks issue a new card. But a nice idea if you have the time.
Tip#4 Check your credit card statements every day. This is an extra layer of protection that requires savant like attention. You check your email every day so checking your credit card statements every day is do-able right? Every week is sufficient. Even every 2 weeks is OK. Just make sure to check with your bank to determine what their cutoff date is to refute unauthorized withdrawals. For most credit cards it’s 60 days. For most banks it can be under 30 days. This is the most important tip of all.
Tip#5 Authenticate the card. Or the card holder. Today this is out of the hands of the consumer. There are a number of new technologies that if banks/retailers/industry adopt to identify the actual card/user at the POS or even online then most, if not all of the card fraud problems will be solved. There is a race going on right now to see who gets there first. In the next 1-5 years we may see new cards being issued such as “chip and pin” which are standard in Europe. Or no new cards at all but changes in the system that the card holder is unaware of, or a 2 card system that requires a second swipe of another authenticating card the hacker doesn’t have access to. There are also readily available technologies that will allow the turning on/off of your card with your own preset spend limits too. We will see how this all plays out.
Robert Siciliano identity theft speaker discussing credit card fraud on CNBC