How can you plan to protect yourself against this increasingly common crime?
Debit card data theft has surged lately. According to FICO’s Card Alert Service, the number of businesses or ATM locations where debit cards were hacked rose 26% from 2015 to 2016. Additionally, the number of compromised cards has steadily risen during this decade.
Crooks can attach skimmers to ATMs or point-of-purchase devices in seconds. These counterfeit card readers instantly record banking data ingrained on a debit card’s magnetic stripe. You probably have one of the new EVM chip cards, but if you happen to insert or slide your card through an older ATM that cannot accept the newer cards, your data could still be at risk.
Bankrate reports that chip skimmers are now surfacing, capable of hacking first-generation EVM chip cards relying on static data authentication. Second-generation EVM chip cards use dynamic data authentication, which makes data theft more difficult – but not impossible.
What can you do to protect yourself against debit card data theft? First, keep in mind that most skimmers are affixed to non-bank ATMs. ATMs at gas station islands and convenience stores are favorites for crooks, as they may be located out of sight of clerks and security cameras. Avoid using your debit card at such places. ATMs inside a bank or a business with plenty of foot traffic (like a mall or a grocery store) are less likely to be hacked.
Check the ATM itself for irregularities. If there are multiple ATMs in front of you, be careful if one card slot flashes its acceptance light and an adjacent one does not (notify the bank or the business hosting the ATMs). Look for misaligned graphics or colors or evidence of prying or looseness. Cover the keypad as you enter your PIN, and beware of people trying to glean your PIN in the old-school way, simply by looking over your shoulder.
Try an NFC payment if the merchant allows it. NFC stands for near-field communications. Apple Pay, Android Pay, and Samsung Pay all use NFC services, which encrypt the confidential financial data stored on credit and debit cards into symbols. This gives you another layer of protection. Savvy consumers are increasingly using Apple Pay, Android Pay, and Samsung Pay to buy things. PayPal’s Android app can also make NFC transactions.
If you sense your debit card has been breached, report it quickly. If you can tell the card issuer that your card is missing or stolen before any unauthorized transactions occur, you will not be held financially responsible for such transactions – that is federal law.
If you notice criminal activity has taken place, the longer you wait to let the card issuer know about it, the less money you may end up recovering. Report the crime within two business days, and your maximum liability is $50 under the federal Electronic Fund Transfer Act. Past that deadline, your maximum liability could be as much as $500. Wait 60 days or longer to report debit card theft, and the missing funds may not be restored to your account at all.
Besides notifying the card issuer, you should also tell the three leading U.S. credit bureaus – TransUnion, Equifax, and Experian – about any debit card data theft and unauthorized transactions. You can file a police report, and you can also file for an identity theft affidavit with the Federal Trade Commission. Both documents may be useful to the major credit-reporting agencies.