card-security

Your Credit Card Information isn’t as Safe as You Thought

Will Your Credit Card Information Be Compromised?

Massive data breaches that compromise sensitive cardholder information happen more often than we’d like to admit. Since these major hacks are so common, we assume those in possession of our credit card information guard it carefully.

A new study published by Science magazine proves otherwise. Your credit card information isn’t as secure as you thought.

Selling Personal Information

A marketing campaign is only successful if it speaks directly to the target audience. In order to fully understand who is in a target audience and what they want, it has become customary for marketers to buy “anonymized” credit card information.

Merchants and banks feel safe selling transaction data to third parties after they remove identifying information, like name, address, and phone number.

However, simply removing the most obvious identifying information isn’t enough.

Reconnecting the Dots

The Science magazine study found this anonymized transaction data can easily be reunited with the missing personal information. Experts are able to determine who bought what.

All someone needs to do is consult publically available information—like geotagging Tweets and time stamped Facebook posts—and compare it to the anonymized information.

Here is an example. A consumer sends out a Tweet while waiting in line at the grocery store. A few days later, she check-in at a clothing boutique on Foursquare. After that, she updates her status while at an ice cream shop next door.

By taking those location and time specific bits of information and comparing them to credit card purchases at the same places, it is easy to see all the activity is attributed to the same person.

This method of reconnecting the dots is so effective, experts were able to match 90% of the anonymized credit card information with an actual person.

Information in the Wrong Hands

These experiments were done in a safe, researched-based environment. These experts had no malicious intent, but we all know there are plenty of people out there who would love to get their hands on this type of information.

All it takes is one dishonest employee at the marketing firm that receives this anonymized information to steal credit card information from unsuspecting consumers.

How to Stay Safe

Once you acquire a credit card, you don’t have much say about who will receive your anonymized information. Banks and merchants will distribute it as they see fit. Since you can’t prevent who accesses it, you’ll have to do your part to make sure there is very little secondary information publicly available.

  • Turn the geolocation tracking feature off on Twitter and Facebook (and any other social network you use).
  • Don’t check-in at places where you use your credit card.
  • Be careful about your activity during major events, holidays, and public gatherings. For example, Cyber Monday scams were abundant. Partnering secondary personal information with a busy day of shopping is just asking for more trouble.
  • Be careful of the information you provide when shopping online. There are tons of scam websites out there that make it their goal to harvest as much information as possible. For example, they may ask you to sign in with a Facebook account to proceed with the onsite account registration.

Selling personal information is a profitable business. Not only do these merchants make money of the things you buy, they also make money sharing your information with others. Naturally, the merchant isn’t interested in losing your business; that means they’ll lose double.

Getting a merchandise refund or terminating a service will probably be difficult. If you find yourself in one of these situations, let us know. We can help you get your money back, cancel your service, and stay safe online. Just fill out the form to the right.