Consumers will face a slew of hidden threats as they pour into stores and scour retailers' websites for holiday deals over the next couple of days.
Retailers are moving to use more secure technology that is expected to cut down on credit card fraud, but credit experts say identity thieves will still be attempting to steal data that they can use to commit fraud in stores and online.
Nothing that shoppers do can protect them fully from having their credit card information hacked or their identities stolen, said Nick Clements, co-founder of credit comparison website MagnifyMoney.com. (The Target hack in 2013, he recalls, was an attack on a large retailer that consumers could not have prevented.) But shoppers can take small steps to make it more difficult for identity thieves to go on a shopping spree under their name.
Use a stricter log-in. Use a different password for each of your online shopping accounts so that if someone grabs your user name and password for one website, they won't be able to go on a shopping spree for other accounts. Some merchants such as Amazon have also introduced multi-factor authentication, which requires users to enter a code that is sent to their email or phone number when they try to log on. The added step can make it harder for thieves with stolen user names and passwords to take over people's accounts.
Choose credit over debit. While debit card users are also protected from fraud, identity thieves who go on a shopping spree with your debit card would be tapping into the cash you need to pay your everyday bills. In contrast, fraudulent charges on a credit card would take up only part of your credit limit. "It's not fun when all of a sudden that cash you need to get through the month is gone," Clements said.
Use a chip card. This will be the first holiday shopping season during which most retailers will need to have credit card terminals that read the more secure chip cards. The chips, which generate a new code every time they are used, are supposed to be safer than the magnetic stripes on cards, which send the same information for every transaction and are easier to copy. About 7 in 10 Americans have at least one chip card, according to Visa.
Consider mobile pay. New mobile payment options such as Apple Pay and Android Pay let consumers shop with their cellphones at retailers and through certain apps. Instead of swiping or dipping their credit cards, shoppers tap their phones, which transmit a unique code to the retailer for each purchase that is useless to fraudsters, said Mike Cetera, a credit analyst with Bankrate.com. In the case of Apple Pay, shoppers have an added protection by requiring that their fingerprints be used to complete the transaction.
Monitor transactions. Most banks will refund consumers for fraudulent charges made with their debit or credit cards as long as they report it in a timely matter. Consumers should check their transactions every day or every other day to scan for unauthorized purchases, especially when they are using their credit cards frequently. If you don't have time to monitor transactions every day, then you can set up alerts to have a message sent to your phone or email every time your card is used.
Stick to one card. Using one card for most of your holiday purchases can limit the number of cards you need to track closely. It also cuts down the chances that more than one card will be compromised. (Though you should still check transactions on all of your cards periodically.) Try to use a card that is different from the one you use to pay your monthly bills.