Protect Yourself During Data Breach Season

With the holiday shopping season upon us, the spike in debit and credit card usage offers a significant opportunity for consumers to fall victim to merchant data breaches.

More than 1,100 data security breaches have occurred so far this year exposing more than 171 million data records, said Eaton Family Credit Union CEO Mike Losneck, citing a recent report by the Identity Theft Resource Center. However, most consumers have probably only heard about a few of them.

 “A data breach occurs when any unauthorized party accesses a merchant's network and steals cardholder data,” explains Losneck. “As cybersecurity threats continue to evolve in both sophistication and scale, the need to safeguard your data has never been more critical.”

Most card issuers have implemented debit and credit card chip technology to cut down on fraud, Losneck said. The embedded microprocessor chips store and protect cardholder data. When the card is used, it creates a unique transaction code which cannot be used again.

However, chip cards do not prevent online merchant transaction fraud.

Losneck said a good way to prevent fraudulent merchant transactions is to use a free mobile wallet service such as Apple Pay, Samsung Pay and Android Pay. He also recommends using a free mobile banking tool to control activity on debit and credit card accounts.

Mobile wallets use a process called tokenization, Losneck explained. The account number is replaced with a series of randomly-generated numbers – called a token – which can be passed through the internet or various wireless networks needed to process the payment without their account details being exposed. The real account number is held safe in a secure token vault to prevent unauthorized transactions from being processed in the future.

“We also offer My Mobile Money, a free app, to Credit Union Members so they can control and monitor their MasterCard Debit Cards anywhere, anytime using their mobile phone,” said Losneck.

Using My Mobile Money, Members can control card activity, set spend limits and limit card-not-present transactions. Transactions can be denied before they take place and the app can be used to turn on and off the card to prevent unauthorized purchases.

Despite best efforts to prevent it, merchant data breaches will occur. Losneck recommends the following if you believe your identity has been compromised:

• Verify the fraud: If unauthorized account transactions occur, contact your financial institution or company where fraud has occurred to report unknown charges.
• Update your passwords: once fraud is confirmed, change account logins and passwords. Passwords should be robust with multiple types of characters such as upper and lowercase letters, numbers and symbols.
• Take control: to avoid additional compromises place an initial fraud alert by calling one of the three national credit reporting companies (Equifax: 800-525-6285; Experian: 888-397-3742; TransUnion: 800-680-7289).
• Report the theft: to begin an identity recovery plan report your theft to the Federal Trade Commission (FTC) online at www.IdentityTheft.gov or by phone at 1-877-438-4338.

For more information about merchant data breaches and their impact, visit www.stopthedatabreaches.com