Retail Payments Risk Forum
Font Size: A A A

Portals and Rails

« The new consumer protection agency looks at prepaid cards | Main | MintChip: Sounds like ice cream, but it's actually money »

June 11, 2012

A human firewall? Tips to keep information secure

As we've discussed on Portals and Rails in the past, PIN cardholder verification offered by ATM and debit cards has proven superior in preventing fraudulent transactions compared to signature cardholder verification. And while a PIN is a solid fraud deterrent, it is by no means 100 percent effective in reducing fraud. As we are in the midst of ATM and Debit Card Safety Awareness Month, it is important for consumers to understand their responsibility in the fight against cardholder fraud.

Financial institutions and the ATM and debit card networks have robust fraud detection and prevention systems and measures in place. However, cardholders need to view themselves as "human firewalls" of sensitive data, including ATM and debit card information and PINs. While fraudsters have become highly sophisticated at obtaining this data, weak PIN selection and security by cardholders makes it easier for fraudsters to commit their crimes.

In today's prolific social media world, weak PINs do not just include simple numbers such as "1111" and "1234." With more information than ever about us online, a birth date, address number, or even an anniversary date could prove to be an easily guessed PIN. According to a study by a Cambridge University Computer Laboratory team, one out of every 11 wallets could contain cards with easily discovered PINs. And ATM and debit card fraud can be more costly to cardholders than credit card fraud. Fraudulent ATM and debit card transactions verified by a PIN generally carry a higher consumer liability limit than do credit card or signature debit transactions. This is especially true if a consumer fails to report a card or PIN as lost or stolen or identify a fraudulent transaction in a timely manner.

In the spirit of ATM and debit card safety awareness, we encourage all cardholders to strengthen any weak PINs as well as follow these and other suggested tips from the PULSE ATM/debit network:

  • Monitor your financial account statements.
    Many experts recommend reviewing accounts online daily so that any suspicious activity is spotted quickly. Switch from postal delivery of statements to online access or ensure that mailed statements are sent to locked boxes and not left available to fraudsters.
  • Protect your wallet, purse and PIN.
    Carry only what you need and avoid carrying items with private information such as your Social Security number. Don't share your PIN with anyone. That means don't write it down and don't give it to a clerk or anyone else to enter for you.
  • Be extra alert at ATMs.
    Don't use an ATM if it is in an unlit or hidden area. Block the keypad while entering your PIN so you can't be observed. If an ATM looks phony or has a suspicious card reader that is loose or not part of the main body of the machine, do not use it.
  • Protect your online shopping.
    Update computer anti-virus software, anti-spyware, and firewalls. New attacks come frequently, and your software provider will frequently send updates to stop them. Use only secure sites and network connections when shopping online.
  • Protect personal information online.
    Limit social media access to friends only and don't "friend" people you don't know. Fraudsters use personal information such as birth dates, family and pet names, high schools, and birth cities to "verify" your identity.

Douglas A. KingBy Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

June 11, 2012 in cards, consumer fraud, identity theft, malware | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c01630665afc9970d

Listed below are links to blogs that reference A human firewall? Tips to keep information secure:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in