Debit Cards: Signature or PIN, what’s What?

What kind of debit card do you have? The two types are direct debit cards and deferred debit cards.
Direct debit

  • Use of a PIN (personal identification number), which the bank issues or you choose. Card purchases require entering the PIN, and money is taken out of your checking account on the spot.
  • PIN-based transactions cost retailers less to process, and many banks pass the transaction fee onto the cardholder.
  • Bank fees range from 25 cents to $1.50 per every PIN direct debit purchase. Not all banks blatantly notify the consumer of this, but this should be visible on the checking account statement.
  • Usually safer than the deferred version, as a thief needs to know the PIN to use the card. For obvious reasons, direct debit cards are safer for online use than are deferred debit cards.
  • Cannot be overdrafted unless you opt into overdrafting at the time of account creation.

Deferred debit

Think of a fusion between a traditional credit card and a direct debit card. Rather than on the spot of a purchase, money is withdrawn from your checking account within two or three days of the purchase.

  • No PIN required; only the signature of the cardholder.
  • Has potential for an overdraft, resulting in a fee. The purchase will get cleared even if you don’t have sufficient funds in your account.
  • The overdraft fee could be $30 or more.
  • Tend not to have any transaction fee.

Both of these cards provide a degree of protection for the consumer. With each it is essential the consumer checks their statements frequently as federal law requires banks to refund stolen funds when reported in less than 3 days and up to 60 days depending on the nature of the card.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Debit Cards Fraud Means Difficult Recovery

There are 437,000,000 debit cards in circulation, and their use is on the rise. Criminal hackers are paying attention. Credit cards offer some measure of protection when it comes to “zero liability policies,” as long as the cardholder refutes the charges within 60 days. But when a debit card is compromised, the stolen money is can be hard to get back.

I get unfortunate emails like this all the time:

“I was a victim of debit card fraud. I live in Las Vegas, NV and have a debit card and I know that not all rules apply for debit cards. We had a problem out here with “skimming.” Over $300.00 dollars was taken from my account and I still had the card  in my possession. It was done at 2 bank ATM machines, about 2 minutes apart on different sides of town. I contacted my bank and got no results. My bank said that I had to have given my card and pin number to someone. I fought and fought and lost. I know that there is or was a time limit of this but is there anything else I could have done?”

Federal laws limit credit card holder liability to $50 in the case of fraud, as long as the cardholder disputes the charge within 60 days. Debit card fraud victims must notify the bank within two days after discovering the fraudulent transactions in order to maintain this $50 limit. After that, the maximum liability jumps to $500. And if a victim doesn’t discover or report the fraud until after 60 days have passed, the liability could be the entire card balance, for a debit or credit card. Once your debit card is compromised, you might not find out until a check bounces or the card is declined. And once you do recover the funds, the thief can just start all over again, unless you cancel the account altogether.

Here is Regulation E in black and white:


Limitations on amount of liability. A consumer’s liability for an unauthorized electronic fund transfer or a series of related unauthorized transfers shall be determined as follows:

(1) Timely notice given. If the consumer notifies the financial institution within two business days after learning of the loss or theft of the access device, the consumer’s liability shall not exceed the lesser of $50 or the amount of unauthorized transfers that occur before notice to the financial institution.

(2) Timely notice not given. If the consumer fails to notify the financial institution within two business days after learning of the loss or theft of the access device, the consumer’s liability shall not exceed the lesser of $500 or the sum of:

(i) $50 or the amount of unauthorized transfers that occur within the two business days, whichever is less.”

Debit card fraud can happen a number of ways. ATM skimming, gas pump skimming, or point of sale skimming are a few. The key, of course, is the bad guy gets your PIN. In the end, the bank doesn’t want to believe that you were defrauded. It’s cheaper for them to conclude that you are lying.

Always cover up your PIN when entering in any POS, pump, or ATM.

As inconvenient as this may seem, if you are a regular user of a debit card, you should check your statements online daily.

Consider limiting your debit card use. I use mine for deposits and withdrawals. But I only use it around two or three times a month.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses credit and debit card fraud on CNBC. (Disclosures)