Card fraud doesn’t just cost businesses money. It also damages retailers' relationships with customers and, in some cases, disrupts customers’ lives. And fraud is on the rise, especially against online sellers. That's because the conveniences of the digital age have also created new ways for criminals to steal card data – by tricking consumers into sharing account information, by abusing online checkout tools, and by hacking retailer data or buying stolen card numbers. To thwart fraudsters, everyone has a role to play, from individual consumers to businesses of all sizes.
How consumers can protect their data
More than 15 million Americans fell victim to card and identity fraud in 2016, according to Javelin Research. That's a 16 percent increase over 2015, and the numbers are expected to keep climbing. Modern fraud goes beyond thieves using stolen credit card numbers to make online purchases for resale, although that's an increasingly common crime.
Fraudsters also use bots to “test” stolen card numbers to match them with card security codes and billing zip codes, and they use password-cracking tools to break into and take over consumer's accounts at online retailers. Thieves sometimes resort to old-school tactics like stealing mail to get consumer data, too. Once fraudsters have a consumer's card data, name, and address, they can use that identity to create entirely new accounts and rack up charges that the victim may not learn about until days, weeks, or even months later. Even if it turns out to be the merchants' responsibility if purchases were made with your stolen credit card and identity, sorting the mess out takes time and energy.
To protect yourself, add a few modern safety measures to the traditional safeguards of regularly checking your account statements and credit reports for suspicious activity.
Use strong, unique passwords for all your accounts. The most convenient way to do this is to use a password generation and storage service like LastPass. Using the same password for multiple accounts and using weak passwords puts you at risk for password cracking and account takeovers. Protect your most important accounts with two-factor authentication if it's an option.
Be careful about social networking. Share your personal data only with people you know and trust. Thieves can and do collect information on social media users' hometowns, children's and pets' names, and hobbies to guess passwords and security questions for account takeover.
Go paperless or get a post office box. This prevents thieves from swiping bills, card statements, and other personal data from your mailbox.
Use caution when sharing payment information. Always look for the security icon in the web address of merchants you shop with so your data is protected. Download shopping apps directly from the retailers' websites, the App Store, or the Google Play Store. Never follow email links that ask for your password or account information. Likewise, don't give your card number to a stranger who calls you. Reputable merchants who call to verify an online purchase will have other ways to confirm your identity.
Don't avoid the Internet. Ironically, the Javelin study found that consumers who stay offline for fear of fraud suffered the highest losses of any group in the survey and took an average of 40 days to realize they'd been scammed. Use digital tools to keep tabs your card activity, bank balances, and logins.
How businesses can guard against fraud and data theft
E-commerce and omnichannel retailers of all sizes can get hit by fraud in two main ways: transaction fraud and theft of customer data.