Credit card fraud perpetrated upon US credit card holders stands at 47% of the world’s credit and debit card fraud, according to the highly respected Nilson Report. That high statistic translates into a mind-boggling 3.56 billion dollars of fraud losses in the United States last year.
Why, in one of the world’s leading industrial countries, is this loss so great? And what can American cardholders do to protect themselves?
The amount of fraud loss in the US is not directly proportional to the amount of credit card spending; although we are definitely a nation of consumers, we only generate 27% of purchases and cash.
Nilson Report Publisher, David Robertson, states there are two reasons card fraud is so high in the United States. “U.S. banks have been slow to adopt newer technologies such as EMV chip cards, and issuers are reluctant to decline card authorization from merchants because they don’t want to alienate their cardholder.”
EMV technology is widely used in Europe and other parts of the world and provides more protection to the card holder. Cards with EMV technology have a chip embedded that is essentially a microprocessor, a small type of computer. These chips can store more information than the magnetic strip on the back of cards issued by US banks and they also have stronger security.
Cards with magnetic strips can easily be skimmed with a handheld, portable device, as was done in the recently discovered NYC restaurant credit card fraud ring. The stolen information can then be placed on another magnetic strip to create a fraudulent card. With the EMV chip, built-in cryptographic algorithms that change with each use are present, so it is not possible to skim the card and use the information gleaned for online purchases. EMV cards also have built-in data authentication that prevents fraudulent card replication. The EMV chip has PIN capability, so if the card leaves the customer’s hand, gets lost, or gets stolen, the card cannot be used.
Banks in the US have obviously been slow to move toward EMV technology. Speculators assume the reasons why US banks have dragged their feet could involve the expense of the change both for the card issuers and also for the retailers accepting credit cards as current card readers would all have to be replaced. However, some speculation has also pointed in the same direction as Robertson’s second assertion, that card issuers are hesitant to alienate their customers.
Driven by the need or desire to satisfy stock holders and increase the profit margin and very aware of America’s free market system allowing competition, card issuers seek to keep their customers happy so the customer will continue to use that issuer’s credit card. The Nilson Report states that the average American carries at least 4 credit cards. This means that not only if a card issuer tightens up on purchase approvals, but also if the card issuer moves to a new technology and retailers are slow to upgrade their equipment, cardholders may too readily resort to using a competitor’s card because it is more convenient even if it is also more at risk for potential fraud.
As consumers, we can help bring about change to a more secure technology if we voice our opinions both to our card issuers and to the merchants with whom we regularly do business. Let your credit card issuer know that you support being on the cutting edge with a move to EMV technology. Likewise, communicate with store owners or managers that you would support a changeover to equipment allowing use of EMV chip cards. Both want your business, and if enough people voice their opinions, change will happen.
In the meantime, consumers can take steps to protect themselves from credit card fraud by doing the following:
- Keep a hard copy of all credit card information.
- Use credit cards, not cash or debit cards.
- Limit the number of credit cards you carry.
- Use only one credit card for making online purchases.
- When making purchases with a credit card, never let the card leave your sight.
- Inspect ATMs, gas pumps, and other machines designed to scan your card before completing a transaction.
Recent headlines proclaimed news that a ring of criminals bilked restaurant customers of at least a million dollars in a sophisticated fraud scheme. Unlike similar identity theft crimes, the targets were not the unsuspecting elderly whose naïveté makes them vulnerable, but members of the upper echelon of society, those often regarded by the average Joe as somewhat untouchable.
The culprits operated out of posh New York City restaurants, and, using handheld skimmers, were able to steal credit card information from clientele who carry the country’s most prestigious and most exclusive credit cards such as the American Express Centurion Card®. The information was then transferred to a computer and used to create bogus credit cards, which were eventually used to purchase high-end, luxury items that the criminals sold on eBay®.
Reactions to the story have ranged from the cavalier indifference of the younger set who tend to believe in their invulnerability to the fear-filled questions of those who are both less comfortable and less familiar with the technology of our computer age. “If those wealthy enough to own cards such as the Centurion Card (commonly referred to as ‘The Black’ card, which is a ‘By Invitation Only’ card with an initial fee of $5000 and an annual fee of $2500 just to possess), don’t know enough to avoid being scammed, then how will I ever be safe?” is a thought many have had.
With credit cards, as with life, there are no sure-fire guarantees, but whether you are part of the jet set or are working hard to make ends meet on a monthly basis, there are steps you can take to protect yourself from credit card identity theft.
- Keep a hard copy of all credit card information
- Use credit cards, not cash or debit cards
- Limit the number of credit cards you carry
- Use only one credit card for making online purchases
- When making purchases with a credit card, never let the card leave your sight
- Inspect ATMs, gas pumps, and other machines designed to scan your card before completing a transaction
Protecting yourself starts with keeping a hard copy record (this is not a file you want saved on your computer) of all the credit cards you own, their account numbers, expiration dates, and the customer service number to call in case the card is ever lost or stolen.
Actually, using a major credit card such as VISA®, MasterCard®, or Discover® for purchases is itself a protection. If you are carrying cash and have your wallet stolen, the cash is gone. Period. However, when you report your card as lost or stolen, most credit card companies have liability limits, often as low as $50.
Your purchases, made with a credit card, are protected as well. If you go on a shopping spree, leave your purchases in your vehicle overnight, and a thief breaks in and steals your merchandise, most credit card companies will cover that. Again, if you pay in cash, well, maybe you could work something out with your homeowner’s insurance policy if the deductible isn’t too high and if you’re not afraid of premium increases due to a claim.
Because of the liability limits set by most major credit card issuers, using a credit card for purchases, including dining out, is much safer than carrying a debit card. Debit cards are generally linked directly to a bank account. Once a criminal has debit card information, that information is generally used to immediately empty the account to which the debit card is linked. Although there are now federal laws in place that give consumers some amount of protection in the case of fraudulent electronic withdrawals, there are many stipulations, especially in relation to the time in which the theft of a card was reported, and hundreds of stories of individuals battling their bank for months if not years to get stolen funds reimbursed.
Limiting the number of credit cards you carry with you to one or two is another wise move. This protects you not only if your wallet or purse is physically stolen, but also from having information stolen electronically. As technology has advanced, many credit cards carry Radio Frequency Identification (RFID) that allows customers to pay for their purchases without ever letting go of their credit card by simply holding the card close to the point of sale reader. Visa’s payWave® and MasterCard’s PayPass® are examples of this technology. Just as the RFID embedded in the cards can allow for contactless purchase, a thief with a reader can also steal that information without ever having to physically touch your credit card. Although this theft would be a little more difficult to achieve because the criminal would need to be 1 to 4 inches away from your card, the best protection is to limit the number of cards you carry and therefore the amount of information that could be stolen.
In like manner, limit your susceptibility to having credit card information stolen when making purchases online by using only one credit card for online shopping. In fact, some people not only limit their online shopping to one card, but also limit that card to being used exclusively for their online shopping and nothing else. Of course, when making purchases online it is best to shop only at well-known, reputable merchants, to be sure the transaction is completed through a secure website (the web address should begin with https://), or to consider using a third party, such as PayPal, to complete transactions with companies other than recognized major stores.
Whether grocery stores, gas stations, or your favorite fashion outlet, many retailers now have card scanners that allow the consumer to swipe their own card. Never having your credit card leave your hand, or at least your sight, is the best way of protecting yourself. Portable credit card scanners, like those used by the culprits in the NYC restaurant scam, are available to anyone for less than $100. Holding onto your card is your best guarantee against similar theft. Of course, we all dine at restaurants where the friendly wait staff kindly inform us that when we are ready, they will be our cashier. Take the initiative to protect yourself by letting them know you would prefer to take the invoice to the cash register yourself. Remember, the customer is king, and if there is a problem, a quick, friendly chat with the manager will result in your card staying in your possession.
Even if you aren’t a computer whiz, you have a responsibility to educate yourself. Use the internet to become aware of what scanners or skimmers used by crooks look like. Also research images of pin-hole cameras used with skimmers on ATMs. Get in the habit of visually inspecting machines you intend to use with your credit or debit cards, especially if that machine, such as an ATM or a gas pump, is outside, accessible, and not in full view of an employee the entire time it is accessible to the public. If anything looks suspicious, don’t use the machine, and report your concerns to the bank or business. They would much rather deal with a false alarm than learn too late that their customers became unwitting victims.
In this age of computers and seemingly daily leaps forward in technology, protecting yourself and ensuring the safety of your family, including protection from credit card/identity theft, comes down to the same things as it did in the years and decades before television was invented and credit cards were heard of: preparation; clear, logical thinking; being aware of surroundings; and personal resourcefulness.
In the Consumer Reports June 2011 issue, the article “House of Cards” gives some disquieting information about the outdated security technology employed by American credit card issuers. Three pieces of almost shocking information are:
- Information necessary to complete a transaction stored on American-issued credit cards is virtually unprotected.
- Technology for higher level credit card security exists and is used extensively throughout Europe and Canada.
- In general, US credit card issuers have no plans to switch to the enhanced technology in the immediate foreseeable future.
It is surprising and perhaps even shocking that our country, which is a world leader in so many areas, is classed with unindustrialized nations in Africa when it comes to levels of security associated with debit and credit cards.
By 2012, one would be hard-pressed to successfully use a credit card issued in America at a bank in Europe, and they will not be accepted in China by 2015. That is, unless the technology employed on American-issued credit cards changes.
While most of Europe and Canada have embraced EMV (Europay MasterCard® Visa®) technology with its embedded chip that both stores data and transmits data with encryption, American credit cards still feature the magnetic strip that stores all the information necessary to make a transaction without any encryption. While information on a magnetic strip is easy for a criminal to access using a skimmer, the encrypted EMV data is also protected by a unique identifier that can change with every purchase. In addition to the embedded encryption of EMV cards, another level of protection is a required PIN for both credit and debit card use.
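The contrast drawn here, and in the earlier discussion of skimming, between static magnetic-strip data and a chip value that changes with every purchase can be modeled in a short program. This is an added example, not part of the original article and not the EMV algorithm itself: HMAC-SHA-256 stands in for the card's cryptogram calculation, and the class names, card number and track data are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def cryptogram(key, pan, counter, amount_cents, terminal_nonce):
    """Per-transaction value: a MAC over data that differs on every purchase."""
    msg = f"{pan}|{counter}|{amount_cents}|".encode() + terminal_nonce
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class ChipCard:
    """Model of a chip card: the key stays inside, only cryptograms leave."""

    def __init__(self, pan, key):
        self.pan = pan
        self._key = key
        self._counter = 0

    def sign(self, amount_cents, terminal_nonce):
        self._counter += 1  # the counter changes with each use
        return self._counter, cryptogram(
            self._key, self.pan, self._counter, amount_cents, terminal_nonce)


class Issuer:
    """Model of the issuer's authorization check for both card types."""

    def __init__(self):
        self._keys = {}
        self._last_counter = {}

    def enroll(self, pan):
        self._keys[pan] = secrets.token_bytes(16)
        self._last_counter[pan] = 0
        return self._keys[pan]

    def authorize_stripe(self, track_data):
        # Static data: nothing distinguishes the original from a copy.
        return track_data.split("=")[0] in self._keys

    def authorize_chip(self, pan, counter, amount_cents, terminal_nonce, value):
        key = self._keys.get(pan)
        if key is None or counter <= self._last_counter[pan]:
            return False  # unknown card, or a counter the issuer already saw
        expected = cryptogram(key, pan, counter, amount_cents, terminal_nonce)
        if not hmac.compare_digest(expected, value):
            return False  # value was not produced for this exact transaction
        self._last_counter[pan] = counter
        return True


def run_demo():
    issuer = Issuer()
    pan = "4000000000000002"  # constructed sample number, not a real card
    card = ChipCard(pan, issuer.enroll(pan))
    track = pan + "=3012101"  # constructed static stripe data

    nonce = secrets.token_bytes(4)
    counter, value = card.sign(2500, nonce)
    results = {
        "stripe_original": issuer.authorize_stripe(track),
        "stripe_copy": issuer.authorize_stripe(track),
        "chip_genuine": issuer.authorize_chip(pan, counter, 2500, nonce, value),
        # The same recorded message presented a second time:
        "chip_replay": issuer.authorize_chip(pan, counter, 2500, nonce, value),
        # The recorded value attached to a new counter and terminal nonce:
        "chip_reused_value": issuer.authorize_chip(
            pan, counter + 1, 2500, secrets.token_bytes(4), value),
    }
    nonce2 = secrets.token_bytes(4)
    counter2, value2 = card.sign(1200, nonce2)
    results["chip_next_purchase"] = issuer.authorize_chip(
        pan, counter2, 1200, nonce2, value2)
    return results


if __name__ == "__main__":
    for name, accepted in run_demo().items():
        print(f"{name:18} {'accepted' if accepted else 'declined'}")
```

The stripe copy is accepted because the issuer sees identical data both times, while the recorded chip value is declined on both later attempts and the card's own next purchase still goes through.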
If the magnetic strip information is not encrypted, what protection do most American-issued credit cards have?
- Required PIN access numbers
- Limited or Zero liability for credit card fraud
- Rigorous monitoring activity by credit card issuers
Although many American cards require a PIN to complete transactions, the ease with which the magnetic strip information can be stolen makes them an attractive target for thieves. According to the Consumer Reports article, in 2010, 32% of American credit card users reported credit card fraud within the 5 previous years. Much of the fraud is through a process called “skimming” where skimming equipment is installed over or in a terminal such as a gas pump or an ATM. In addition to a skimmer, thieves often also install pinhole video cameras or keypad overlays to capture PIN numbers. Once the information is accessed, it can be used to create a counterfeit card or sold, usually over the internet, to other criminals.
Most American credit card issuers do protect the consumer with limited or zero liability on credit card fraud, but the process of investigation of possible fraud often takes several weeks during which the consumer is on his or her own to cover any financial obligations regardless of what has been stolen out of the account.
Although the magnetic strip is unencrypted, American credit card issuers give assurances that they protect consumers by employing sophisticated systems to monitor for fraudulent activity. Chase® states they have 1,000 personnel responsible for detecting fraud. VISA touts their real-time fraud detection system.
If the technology exists to prevent or greatly deter incidents of credit card fraud, why isn’t the American banking industry rushing to incorporate it? Essentially, the losses incurred due to credit card fraud haven’t hurt enough. According to the “House of Cards” article, merchants cover over 43% of debit card losses and over 50% of credit card losses due to fraud. In addition, merchants have to pay credit card issuers an interchange fee for every completed transaction. Sometimes these fees can be quite high, which is why some businesses don’t accept certain credit cards. Supposedly the reason for assessing the transaction fees is to help defray fraud costs.
Of course, merchants aren’t going to absorb either the fees or the losses. Those costs are passed on to the consumer. The bottom line is that credit card fraud doesn’t affect the banking industry’s bottom line enough – yet.
The cost to switch over to the EMV technology is rather staggering. Consumer Reports estimated that the banking industry expense would be approximately 2.85 billion plus an additional 310 million to install needed technology at ATM terminals. It was also estimated that nationwide merchants would spend 2.64 billion to update their payment transaction technology.
Already, large corporations in America, such as WalMart®, are installing contact and contactless readers while others, such as McDonald’s® and Sears®, are lobbying the banking industry to make the change.
Change is coming. It is inevitable. It is only a matter of time. But the American credit card industry has given no indication of how much time. Meanwhile, American-issued credit card holders would do well to know the physical location of each of their credit cards, monitor closely the charges reported on their monthly statements, be aware of anything suspicious at point of payment terminals, and have a list of their credit cards and each credit card issuer’s customer service numbers so they can easily call to report any suspicious activity on a card.
Seems like daily there are news reports concerning yet another case of identity theft or credit card fraud. Who are the typical victims? Are they the nice elderly couple down the street who are so trusting and big-hearted? Or perhaps the high school and college-age kids who believe they are invincible as they step out to conquer the world and make a place for themselves? Surely it isn’t the savvy white-collar businessman who drives his Lexus by the house every day on his way to work.
The truth is, none of us is exempt from the all-too-real threat of potential credit card fraud, which is a big part of identity theft. In reality, no one can guarantee that your credit card numbers won’t be stolen or that your identity won’t be accessed by a criminal. However, there are several pro-active measures we can take that will reduce our risk ratio.
I have a friend who is a general contractor. He has encountered many, many remodel projects that were initiated because of a minor problem that wasn’t recognized and dealt with early with just a simple repair. Often the problem itself could have been prevented if, in the original construction process, protocol had been followed and shortcuts had been avoided. After listening to him tell of an incident where he had been called to make what the home-owner thought would be a minor repair but that turned out to be quite a restoration project, I asked him how he discovered the source and extent of the actual damage not readily noticeable to the average person. His response intrigued me and has become a bit of a guiding principle in my life: “You have to think like water.”
The lessons I learned from my friend the contractor are principles I have applied to protect myself and my family from credit card theft. Principle one: Follow protocol. Principle two: Don’t take shortcuts – ever. Principle three: Think like a thief.
When I was young, my grandparents traveled in Europe. The only thing they really had to worry about was preventing the actual physical theft of their cash and traveler’s checks. My grandfather bought a money belt to wear under his clothing and religiously carried their money and checks in it. He knew the high rate of pick-pocket crimes in the area they were visiting and had friends who advised him that a money-belt was the safest way to go. My grandfather applied all three principles.
Today’s world is a bit more complicated than that of my grandparents, but there are still proven protocols we can use to protect ourselves from credit card fraud in today’s high-tech world. Obviously, we still need to be sure our cards are not physically stolen. It’s a wise idea to only carry a couple of credit cards and an ATM card in your wallet. If you can force yourself not to, don’t carry a debit card. Debit cards are so convenient to use, but carry a much greater risk than a credit card. Generally, if a credit card is stolen, the Truth in Lending Act protects credit card holders from being liable for more than $50 of the loss. Debit card carriers whose cards are stolen are at risk of having their entire checking accounts wiped out, and they have no protection. (If you use debit cards, access the card company’s on-line service to monitor your account weekly.)
The second thing we can do to protect physical access to credit card numbers is to buy a paper shredder and faithfully shred everything with any personal information. Everything. Every time. No shortcuts. A list of items to shred would include credit card statements, credit card applications, loan applications, pre-approved credit offers, credit card receipts, etc. In addition to shredding paperwork you are disposing of, spend the extra money to install a mailbox with a lock or contract for a PO Box to protect the paperwork you are receiving. Locked mailboxes aren’t fool-proof, but they are a deterrent.
The electronic age has presented many more threats to my credit card safety than my grandparents ever dreamed of. Awareness and diligence are key to protection. Anytime your credit card leaves your hand, don’t let it leave your sight, and watch carefully the way the waiter or the retail cashier swipes the card. Hand-held devices called skimmers are used by criminals to store information found on a credit card’s magnetic stripe until a time when the criminal can download it onto a computer. It would only take a second to swipe the card with a skimmer before swiping it for your purchase.
One of the biggest targets for criminals intent on credit card theft is your personal computer. It is imperative that you install a firewall to protect your home computer from hackers. This is especially necessary if your internet connection is through DSL or cable. While you are installing a firewall, also spend the money for good virus protection software and pay the subscription fees for regular updates. This protection will prevent worms or viruses from capturing information entered onto your computer and sending it out.
If you store files that contain sensitive personal data including credit card information, bank account numbers, investment information, or passwords, protect those files with passwords.
Criminals target naïve people. Keep yourself educated on recent scams involving the internet. Be assured that banks and credit card companies never, ever, ever contact customers through emails that ask for identifying information or account numbers. “Phishing” emails will contain your bank’s logo and other graphics and look like official correspondence. They will direct you to click on a link that opens a page very similar to the bank’s online website where you will be asked to enter account information. Do not click on the link. Do not enter your information. Ever. If you have questions, call your banking institution or your credit card issuer.
In the same vein, do not give out your credit card information or any other identifying information (debit card, social security number, etc.) to anyone else soliciting it over the internet (or phone or mail) unless it is to a business you trust and unless you have made the initial contact with the company.
Be cautious about your online shopping. Only purchase things with a credit card online if you are positive that the reputable business is offering a secure transaction site. When you hit a “checkout” or similar button, you should be taken to a page that has a prominent graphic or dialogue box containing a notification of security. You can also glance at the URL in your browser to see that the address begins with https:// – look for the “s.” You should never email your credit card information to anyone. Email can be hacked into. If a company does not have a secure site through which to complete a transaction, use PayPal or find another source for the item you wish to purchase.
Beware of your children’s internet activities. Protect your computer from being able to download programs without password-approved permission (and don’t give your kids the password). There are many file-swapping or file-sharing programs on the internet that can be interesting or fun, but they are easy ways to expose yourself to hackers.
If we are as diligent about protecting our credit card numbers and personal information as thieves are about stealing it, if we follow established protocol and never take shortcuts or make exceptions to the rules, we can go a long way in reducing our personal risk of credit card fraud and identity theft.