Protect your accounts against debit card fraud

Here's the good news: The number of identity fraud victims went down significantly — by 28 percent — in 2010.

Here's the bad: The consumer cost of each of those incidents went up significantly — from $387 to $631 — in the same time period.

What's going on there? A decrease in data breaches and increase in security measures is driving cases down, according to a new identity theft study by Javelin Strategies and Research, but the types of fraud being perpetrated (debit card fraud, in particular) are more expensive.

I know what you're probably thinking: Your bank advertises zero liability, which means you're not responsible if someone steals your card and goes on a spending spree. That's true — but there are also plenty of caveats to those policies, says Ed Mierzwinsky, consumer advocate at U.S. PIRG.

"The promises of zero liability are just promises, and they're laden with asterisks. For example, with many banks, a consumer who has had a dispute in the last year is automatically rejected for a second dispute. You have to read the fine print."


That means that in practice, you may be on the hook for at least some of the fraudulent charges. Here's how to protect yourself:

• Know the law.Debit cards are regulated under the Electronic Funds Transfer Act, and your liability if your card is lost or stolen is spelled out pretty clearly — but it depends when you report the fraud. If you report a card missing to your bank before any damage has been done, your liability is zero. If you report a stolen card within two business days, your liability is capped at $50. After that, the cap moves up to $500, and if you wait more than 60 days after your bank statement containing the unauthorized charges is mailed to you, your loss could be unlimited.

That means a thief could drain your bank account. It also means you might be on the hook for any outstanding checks that bounce because of the fraud. Keep in mind, though, that most banks have their own liability rules, and often they're more lenient. If someone gains access to your number — but not your card — you may not be liable at all, says Nessa Feddis, vice president and senior counsel for the American Bankers Association. Bottom line: As Mierzwinsky says above, read the policy carefully, including the fine print.

• Bank online.All banks have online interfaces these days that allow you to track transactions, literally by the second. A thief swipes your card and it shows up immediately. Schedule a time into your day, every day, to log into your bank account. It only takes a minute.

"What's really crucial is that you're just monitoring what's going on with your accounts and looking over the details of transactions. One out of every two cases are first detected by the individual, not the provider," says James Van Dyke, president and founder of Javelin.

If you see something you don't recognize, call your bank immediately. Maybe it's something you've purchased — I've called before, only to remember that yes, I did buy a scarf on impulse yesterday — but you're better safe than sorry.

• Signature vs. PIN transactions.Sometimes at the point of purchase, you swipe your debit card and you're asked for a PIN. Other times you're asked for a signature. It's not a small difference. Using your PIN is considered more secure — after all, it's a lot easier to forge a signature than figure out a four-number password. Still, many banks cover only signature transactions, says Mierzwinsky.

"The liability promises made by banks in credit card networks generally only apply to signature debit. They take the view that anytime the card is accessed with a PIN, it's the consumer's fault," he said.


Javelin says that only 44 percent of the nation's top 25 banks offer zero-liability for PIN debit purchases. (The thinking here is that it's your responsibility to keep your PIN close, but that's getting harder all the time: Thieves are installing "skimmers" into machines that will read your information.)

Bank of America, Chase and Wells Fargo all have zero-liability policies for both, according to Javelin. If your bank doesn't, run your card as a signature purchase when possible to get the most protection, but make sure your PIN is still rock solid. That means avoiding birthdays, anniversaries, your age and anything else that can be gleaned from your Facebook profile. "Friendly fraud" — perpetrated by people you know and who are likely to know these things about you — is on the rise, up 7 percent in 2010.

• Set up a network of accounts.The scariest thing about debit card fraud is that it's your own money at risk. That means the cash in your bank account and money in any linked savings accounts, lines of credit or overdraft protection. (If you haven't opted out of this option, here's the push you need.)

"When you call and say you're a victim, they don't say, 'OK, we're pressing a button, here's your money back.' They say, 'We're doing an investigation and it could take up to 10 days,'" explains Mierzwinsky.

Feddis confirms this, but stresses that most banks will credit your account within three to four days. Either scenario can be a nuisance, so my suggestion is to set up a few different accounts that aren't linked in any way, and, ideally, are at different banks. Stash a small amount of money in one for everyday purchases, some in another for bill pay and house your savings under a different roof. That way, all of your liquid cash isn't at risk.

Finally, keep your information up to date. Make sure the bank has your correct phone number, so someone can contact you if fraud is suspected.

What To Read Next
Artificial intelligence can now act as an artist or a writer. Does that mean AI is ready to play doctor? Many institutions, including Mayo Clinic, believe that AI is ready to become a useful tool.
Downtown businesses may be poised for a busy year of openings with a growing restaurant, retail and residential scene.
Three minority-owned businesses have one focus: Make downtown even better.
One more businesses just means more arts fun for Maggie Panetta and Nathaniel Nelson.