By now you are probably adapting to the latest additional inconvenience at the check-out stand: inserting your chip card and waiting for authorization. Thanks to the recent epidemic in data breaches, merchants in the United States are finally catching up with the rest of the world in adopting this technology to render card counterfeiting much more difficult. Perhaps not surprisingly, cyber crooks are not giving up without a fight, and are now turning their attention to a more vulnerable transaction mode.
Christopher HopkinsThey are trying to rip you off online.
Increasingly, hackers are targeting shoppers who never present a physical card for payment and are therefore not protected by the pin and chip security technology. This year's hot item in credit fraud is using your stolen card data to buy stuff online or over the phone without your knowledge. Industry experts anticipate a significant spike in online fraud attempts this holiday season, increasing as much as 40 percent over 2015.
Chip and pin technology does nothing to prevent fraud when engaging in so-called "card not present" or CNP transactions, typically including website purchases or phone orders where the merchant never sees or handles the card.
The surge in cardholder rip-offs is also being facilitated by the growth in omnichannel distribution: ordering online or by phone for next-day pickup in a physical store rather than delivery at home.
Internet thieves order and pick up the merchandise in question long before you even know your card number has been used. According to payment processing firm ACI Worldwide, categories that seem to attract the most activity this year include jewelry, electronics and expensive sneakers, but also Dyson vacuums (something about a clean getaway?). The average bogus transaction runs around $219, according to ACI.
Merchants already spend a tremendous amount on fraud prevention, in excess of 7.5 percent of revenues on average, according to industry statistics. This year, card-not-present scams are projected to steal a total of $4 billion and grow to more than $7 billion by 2020. Vendors, banks and card processing firms are working together to deal with the new threat by adding additional security measures in time for next year's holiday shopping season. But ultimately, the responsibility rests upon the consumer to watch for and report fraudulent activity.
Begin by regularly reviewing the transaction details for your credit card accounts. Visit the card issuers' websites at least weekly to look for unauthorized or unfamiliar transactions, and immediately report any suspicious activity to the card company. Doing so promptly will ensure that you are not liable for any fraudulent purchases. As an extra measure, ACI suggests setting up automated alerts via email or text for purchases exceeding a specified limit.
Also, be certain to patronize only well-known online merchants. Avoid websites with which you have no prior experience, or at least secure a recommendation from a trusted friend or associate who has patronized the site. Do not store your credit card number in your account profile, and be sure the site is secure (look for the "https" prefix in the site's web address instead of "http"). And if possible consider using a third party payment service such as PayPal.
Increased security at the checkout counter has reduced the likelihood your stolen card data will show up in the store. But scammers and fraudsters have been driven to the internet in droves, and may be looking to nab a lovely Christmas gift on your dime. It makes sense to be aware and take a few simple precautions to help deter or detect fraudulent activity online.
Christopher A. Hopkins, CFA, is a vice president and portfolio manager for Barnett & Co. in Chattanooga.