Los Angeles Times (Sunday)

‘Good hygiene’ for credit card use

- By Liz Weston Liz Weston, Certified Financial Planner, is a personal finance columnist for NerdWallet. Questions may be sent to her at 3940 Laurel Canyon, No. 238, Studio City, CA 91604, or by using the “Contact” form at asklizwest­on.com.

Dear Liz: We have one primary credit card, which we use all the time. Every few months it is “compromise­d,” and we have to get a new one. Is there something we’re not doing right? Are there “good hygiene” rules for credit cards?

Answer: Yes, and most involve reducing the number of places that have access to your card’s informatio­n.

Many online retailers and web browsers offer to save your card informatio­n to make future purchases easier.

While these autofills save time, they mean your credit card informatio­n is being stored in databases that are outside your control. Refusing this option — and deleting your stored cards from browsers and retail accounts — means less convenienc­e but more security.

Another option is to add two-factor authentica­tion to your retail accounts, which makes them harder to break into. This would require you to enter a code that’s texted or emailed to you or generated by an authentica­tion app.

Some credit cards offer the option to use virtual numbers online. If yours does, this is another option worth using. The retailer never has access to your real credit card number, so it can’t wind up in a potentiall­y vulnerable database.

You can avoid exposing your credit card numbers while shopping in person by using mobile payment apps such as Apple Pay and Google Pay.

These apps create a “token” from your credit card informatio­n that’s transmitte­d to the merchant when you buy something. Again, the merchant never sees and can’t store your actual card details.

Other good practices involve steering clear of unsafe merchants and sites. When shopping online, always make sure the little lock symbol shows in the left side of your browser’s address bar and that the site’s address starts with “https” rather than just “http.” If a site doesn’t offer these basic security features, you shouldn’t shop there.

Be wary of in-person merchants that use oldfashion­ed magnetic card readers, the ones that require you to swipe, without the option of tapping or inserting your chipped card. It’s much easier to clone the informatio­n on a card’s magnetic stripe than from its chip, so avoid swiping if you possibly can.

Also be wary of skimmers and shimmers, which are devices that thieves install on unattended ATMs and fuel pumps to steal card informatio­n. These devices can be hard to detect, so consider paying for your gas inside the station and using ATMs attached to banks.

You also should avoid using public Wi-Fi for any financial transactio­ns because these networks usually aren’t encrypted and are easily compromise­d. Finally, be on the lookout for phishing attempts, which is when criminals try to get you to divulge credit card and other sensitive personal informatio­n by pretending to be from a trusted source.

Newspapers in English

Newspapers from United States