It’s close enough to Black Friday, Small Business Saturday, and Cyber Monday to talk a bit about online shopping. Some very scary statistics from 2017 showed a marked increase in online shopping fraud, using stolen credit and debit card numbers. This is not necessarily surprising because consumers are starting to trust online ordering, and the total number of “eCommerce” transactions were up by 19% over 2016 numbers. Sadly, the number of fraudulent transactions during the 2017 holiday season also increased, to 22% over 2016. And a staggering 1 in 85 transactions online was an attempted fraud. GAH!

Online retailers are taking steps to prevent fraud such as collecting IP addresses and requiring the “CVV” or verification code on the back of the card used for a purchase. But, while they do their part to protect their businesses from fraud (yes, they sustain incredible losses from fraud, it isn’t only the consumer), there are easy steps you can take to minimize the risk of being a victim of credit or debit card fraud:

1. Use Unique Usernames and Passwords for Each Merchant

Never reuse usernames and passwords for multiple merchants. If the retailer is compromised, and your login is stolen, thieves can log in to other sites using your information and make unauthorized purchases. This time of year, shipping and billing addresses often differ, so that delivery address discrepancy may not trigger a “potential fraud” flag on the merchant side. Yes, it can be a pain, but so can losing all of your holiday money temporarily until the bank refunds your fraudulent losses.

2. Check the HTTP (S)

The “s” at the end of the hypertext transfer protocol (you bet I had to look that one up) means, https://www.entrepreneur.com/article/281633 “secure.” The security includes data encryption. When you are on a site with only, “http” the data sent to the site can be intercepted by a third party.

3. Use the Code on the Back of the Card

The three or four digit verification number on your credit or debit card is requested to prove that you have the physical card in your possession when making a purchase. In addition to a billing address and card number match, the code can help reduce fraud by requiring a third data point for a purchase.

4. Limit the Potential Financial Loss

This is particularly important for debit card users who shop online this holiday season. Have a second (free) checking account with a debit card for online purchases, and only put enough in the account to cover your shopping budget. This limits the potential loss if the card used online is compromised. And always use the same card, tied to the dedicated account, when shopping online, or traveling.

5. Keep Copies of Everything and Watch Your Accounts and Statements

Print out copies of invoices and receipts. This way you have confirmation of what you ordered, and the total amount paid. If your card is compromised, you will be able to flag unauthorized purchases, while confirming the ones you actually made. And watch your statements and account carefully. Some financial institutions have a feature where you can receive an alert (we get a text) if there is a purchase made over a specific threshold. One word of caution, however, my husband was alerted to his holiday gift by this feature. The bank let him know when I purchased his gift.

There is a real emotional toll on consumers who have lost money and had to file fraud reports over the holidays. Nobody needs that stress and frustration while trying to buy gifts or make travel arrangements. There is one other layer of protection available you should consider: make sure you take advantage of the FREE credit freeze to limit access to your personal information, reducing the risk of a fraudster opening a new account using your identity.

 

flickr.com

The Fair Issacs Corporation, the creators of the mysteriously calculated FICO Credit Score, are changing the scoring method using new criteria, again. In early 2019, a new scoring method will allow consumers to contribute their banking information to a third party, Finicity, which, “allows Americans to benefit from positive financial behaviors.” The idea is that if you are newer to credit, or have a lower score, the credit bureau can have a look at your checking, savings, and money market accounts to check your credit worthiness. One argument in support of this new approach is that consumers do not currently have any input into their credit scores, because the FICO is calculated only on debt account data submitted by creditors and lenders.

Fair enough. What could possibly go wrong?

From my lowly perch, a lot. First of all, while the consumer will have a choice of accounts to include, they will not have any control over how it is collected, and whether the information is kept by the credit bureau. The process, as published in the Wall Street Journal, is as follows,“Experian will compile consumers’ banking information with help from financial-technology firm Finicity and will distribute the new score to lenders.” Yeah, read that again, Experian will send a summary of consumer bank accounts to lenders. FICO won’t keep any of that information after the score is calculated, but the credit bureau will have your banking Information.

Anyone hear about the hack on Equifax? Anyone? Of course, you have. Well, have you heard about the Experian hack? 15 Million T-Mobile customers personal data was hacked via Experian, including social security and passport numbers. Lovely. Since I don’t use T-Mobile, I am already standing in line to provide my banking info. Eyeroll. It’s already happened once, and they will not be less of a target if they are the bureau with your bank accounts.

Cybersecurity aside, who here believes that when the UltraFICO is available, creditors will accept the FICO? Lenders know the consumer can opt in banking information, so why not rely on the UltraFICO for lending decisions? This is the plot from the classic children’s book by Laura Joffe Numeroff, If You Give a Mouse a Cookie. The lesson? If you give a mouse a cookie, he will want a glass of milk, then a straw, then a napkin, and on and on.

So, why the change? Benevolent Credit Bureaus? Hardly. Since the housing melt down, the pool of traditionally “highly qualified” borrowers shrunk. The change is due to lenders requesting, “credit-reporting firms and FICO to figure out a way to help them boost lending without taking on significantly more risk.” Oh.

As a consumer law advocate, I see danger ahead. Who would be “at fault” if banking information is compromised? Any hack could mean consumer’s accounts are cleaned out until the necessary fraud investigations are completed, and the money is returned by the bank. Missed or late mortgage, car payments, or utility bills can have consequences and mean financial insecurity for the most basic needs of a family. Will your mortgage company waive the late fee if it isn’t your fault? Will the electric company leave the lights on? If not, late fees on every bill owed by the American family could add up to hundreds of dollars. And over 75% of families already live paycheck to paycheck. In my humble opinion, a “free” 12-month credit monitoring product is not going to repair that mess. Or, maybe I am just a cynic and Fair Isaacs is looking out for consumers.

 

photo:credit.org