From shopping to trading, or ordering food, we use our credit card information on a lot of websites and portals in our daily life. With the advent of everything digital, this practice has gained even more momentum.
Every single piece of data that we put online is recorded and stored. No one can fully guard themself against a data breach. But what we can do is take precautions to prevent the breach and take the right action if faced with one.
In this article, we explain the different ways your credit card can be breached and measures to prevent it. We will also address the legal rights of an Indian citizen in case of a credit card data breach and what he/she can do if caught in such a situation.
What is a Data Breach and how does it happen?
A data breach is the unauthorised use of your financial information on the internet for unlawful activities. Both companies and individuals can be victims of a data breach. A hacker can find discarded bills and use your credit card information to buy stuff. Your bank or food delivery company might get hacked and release your sensitive information to the web. In some other cases, a disloyal employee may click a picture of your card and use the information to create a new card, or you get a call claiming a free holiday if you share your card details. There are endless possibilities of getting hacked on the internet.
Some common ways of stealing credit card data include:
Skimming or Cloning
This is the process of duplicating your card’s information at a swiping machine. For instance, when you visit a petrol pump, restaurant, or airport and swipe your card, the machine may record your data and make clones or copies of your credit card with that data. To minimise the risk of skimming or cloning your card, it is advised to swipe your card only in your presence and change the card after long travels.
Cyber Swindles are a type of internet fraud wherein your card information gets unauthorised access due to unsecured servers and websites. The best way to prevent this is by using websites with a lock. We will discuss this in detail in the next section of this post.
Hackers also use your account information to make online transactions as an imposter. This takes place in two ways: either the hacker uses your information to buy things online or apply for a new card using that information.
Lastly, one of the most common ways of hacking small, individual accounts is the practice of phishing. You are probably already aware of this technique. When someone calls you asking for your card number and CVV or OTP for a certain reward, it is called a phishing scam.
So, what can we do to prevent such scams and protect sensitive information? Let’s find out.
Ways to prevent credit card data breach
There are a plethora of ways your data can be compromised online. While it is not completely in your control to stop such an action, there are some common prevention measures you can take such as, never signing a black cheque, carrying your cards separately from your wallet to prevent theft, and never revealing your account number. Other specific measures include:
1. Use digital wallets instead of credit cards
When given an option, never prefer paying from your credit card. Instead, use mobile payment applications or gateways. This is because when you use applications like Paytm, Google pay, BHIM PhonePe, etc the vendor receives only your number and not your credit card details.
However, not every payment application has great security so choose your portals wisely.
2. Check website security
If a website is secured, it will show a small lock on the left side of the URL. Use your card information only on such secured URLs, otherwise, you may be risking a breach of data.
Unsecured websites also show a pop-up that warns users of any activity on that server. So look out for such warnings before simply clicking cancel.
3. Use strong passwords and update them regularly
A strong is a combination of letters, numbers, and special characters in a random manner. Password guidelines suggest using all of these three elements in a unique manner.
You may also consider employing additional security measures like two or three-factor verification that uses a pin, a finger, and a face ID to make your information less approachable.
Also, It is advised to change your credit card password every 3-6 months.
4. Keep a regular check
Keep a close eye on your credit card statements. Even small transactions that you’re unaware of could be a potential hack. This is a common technique employed by hackers-make a small change to see if the person notices.
Also, monitor your credit report to see if any other accounts have been opened with your information. You can access your free credit report from AnnualCreditReport.com by visiting their website.
5. Watch out for scams
As mentioned earlier, there is a lot of phishing activity that happens with individual customer accounts. So if you get an anonymous call asking for your account number, 3 digit Card Verification Value (CVV), or a One-time Password (OPT), in exchange for a cash prize, vacation, or fixing a bug in your account, never give it.
Credit card companies do not randomly call and ask for your details. Beware of what you tell on the phone.
6. Have a card protection plan
Ask your credit card provider for a card protection plan to secure your credit card against theft and misuse. A CPP acts like insurance for your credit card. The company will take either a lump-sum or monthly premium on the plan and safeguard your credit in case of a loss or mishap.
What to do after a credit card data breach?
If you have become a victim of a credit card data breach, first of all, do not panic. It leads to rash decisions and mismanaged actions. There are measures you can take to control the damage. They include:
Get more details on the breach
In case of a data breach, your bank is bound to release all information regarding the theft. A cardholder carefully analyses this information and acts as per the bank’s notification.
You may also get in touch with customer care to understand the matter in clarity.
Report unauthorised actions immediately
Banks can only take action on a data breach if the complaint is registered within 30 days of the theft. So make sure you report any unauthorised actions in your account immediately to your credit card provider.
However, don’t just stop with the bank complaint. Be sure to file an FIR with cybersecurity to get fair redressal of your query. If your card was insured, provide the insurance company with the necessary details to get timely compensation for your loss.
Freeze your credit or place a fraud alert
When you’re sure that a hack has taken place in your account, freeze your credit immediately to avoid any crime a hacker might undertake with your card.
Freezing your credit disables your card history and does not let anyone make a new card with your details. As opposed to a common myth, freezing your credit does not negatively impact your CIBIL score.
However, if you’re in a situation where freezing credit can be troublesome, for instance, you have applied for a loan or mortgage, you can take the next best step-placing a fraud alert.
This notifies your creditors that there has been some unauthorized activity with your account and that they should not issue credit in your name without prior personal notice.
Know your legal rights
If you don’t know your rights, the bank might falsely penalize or manipulate you for something that wasn’t your mistake.
According to the Reserve Bank of India, there are set guidelines that every company, financial institution, and individual has to follow in case of a credit card data breach:
- If the breach happened due to negligence from the bank, it is liable to pay the cardholder the full amount within 10 days.
- If you, the cardholder, is held liable for the breach, you will have to bear the loss till you report it to the credit card company.
- If both the parties are not responsible for the breach and it is done by a third-[party, the compensation, and redressal will depend on the time span from the date of the breach.
Closely monitor all your credit card activity
After reporting the matter to authorities and taking the necessary actions, you should closely monitor all activity on your credit card. Change passwords, cancel international transactions, and look out for any unsecured place your card is being used.
Regularly monitoring your card activity after the breach can help you track down the reason for the leak and protect you from such future breaches.
A leak in your credit card data can severely hamper your finances. If you have not faced it, that’s great. However, as the old adage goes, prevention is better than cure. Thus, take the mentioned measures to protect yourself from a credit card data breach.
Follow Angel One Blog for more such posts!