I’ve had a credit card since I was in college; when I first got one, my dad instilled in me that a credit card is basically cash and that I should never spend more than I have. Credit cards, to me, have two main advantages over cash; first, I don’t have to carry much cash and second, there is a little consumer protection in that I can dispute a charge if there is something wrong with the goods or services. Given that, I use my credit card for almost every transaction I can both online and in stores (it doesn’t hurt that my current card gives me cash back and has extended warranty protection).
With the amount that I use my credit card, it really didn’t surprise me the first time a fraudulent charge appeared on my statement. Throughout my career, I’ve had the opportunity to be on the merchant side of credit card processing and have seen how credit card numbers are mishandled.
In the last few years, I’ve learned a lot about credit card processing from my work at PayPal and now my work on retail systems. As part of my work, I had to create test credit cards to run on the processing equipment; I used numbers that passed the Luhn algorithm and wrote the numbers to mag stripes on blank white cards (they couldn’t be mistaken for real cards). This process taught me how easy it is to take a real credit card number and burn it onto a card so that it could be used in a store. The chip technology now in cards is designed to prevent this type of fraud.
The most recent time my card number was compromised was last month when I got an alert about several charges in New York at a restaurant and a hair salon. These charges were done in-person where the card number was written to another card. The merchants did a manual swipe and didn’t bother looking at the card to verify the last 4 digits matched the imprinted digits.
The only way to put more of a dent in in-person credit card fraud is to completely stop processing swipes; the problem with this is certain cards such as prepaid cards don’t use the chip. This, of course, doesn’t help online fraud. Banks have gotten much better at detecting fraud early but unfortunately by that time the damage has already been done.