We use our credit and EFTPOS cards a lot, in fact, 124 million times in July 2015 alone. Clearly, when it comes to using plastic to pay for stuff, it’s second nature and we don’t think much of it — until things go wrong, that is.
Having your cards compromised is not fun. Its unsettling knowing someone has invaded your life in this way and it’s an inconvenience getting everything sorted out after the fact. As a bank we see and hear your frustration when this kind of thing happens so wanted to take the time to tell you how to avoid it happening and what we do to protect you.
First though, what do we mean by ‘compromised’?
What is a compromised card?
A compromised card means any situation where the details on your card (things like your name, the card number, the expiry and the 3-digit CVV number on the back) may have fallen into the wrong hands. This could be having your wallet stolen or falling victim to a scam.
Skimming, hacking and phishing — How cards get compromised
Lost and stolen cards are one thing, but in these days of tech-savvy criminals, sometimes your card can be compromised without you even realising. Here are three ways crims try to steal your stuff:
Skimming: This requires a special device to be covertly installed on an ATM or EFTPOS machine to ‘skim’ your card details as you insert it into the reader. Criminals can use this data fraudulently online, or they can make a physical copy of your card to use in stores.
Hacking: Sometimes your card doesn’t even need to be present to get stolen. Online retailers are the most frequently targeted merchants and will often have their systems hacked from someone in another country. These attacks will typically occur when you are first entering your card details into a website or on occasions when they have stored card details of customers in their systems. Your card details can be stolen and used by criminals on the other side of the world. Merchants are meant to encrypt any stored customer details in accordance with mandated global data security standards. Email email@example.com for more information.
Phishing: This one relies on tricking you into giving away your card details. Typically, phishing attacks take the form of an email disguised to look like a communication from your bank, telco, ISP, software company or government department. Usually they’ll contain a logo and a link to a website asking you to enter details such as logins, passwords, card numbers and other personal information.
How can I protect myself?
Just by being aware of these methods you’re already protecting yourself to an extent, even so, here a few extra tips that can help.
When you’re visiting an ATM, check for signs of damage — if it looks tampered with, don’t use it.
If you’re visiting a shop, keep your card in sight and don’t let a retailer take your card away. Contactless cards are great in this respect because you hold onto the card the whole time.
One other thing, get in the habit of using mobile banking apps to keep an eye out for unexpected transactions — the more in touch you are with your accounts, the sooner you’ll spot unusual activity.
When it comes to phishing emails, these can generally be spotted in the way they try to convince you to click a link and enter your details. Here are four phishing traits to watch out for if you receive an email claiming to be from your bank:
- Usually addressed generically such as “Dear customer”.
- Have a sense of urgency and insist upon an immediate response.
- Often offer incentives for clicking the links, or repercussions for not clicking on them.
- Hover your mouse over the link to see the true destination.
How the bank protects you
Naturally, banks take security very seriously and offer many layers of protection. For instance, BNZ has an up to the minute fraud monitoring system to help identify fraudulent transactions. BNZ ATMs are also equipped with technology that updates the information stored on the magnetic stripe every time you use the card in a BNZ ATM.
If fraud is suspected, banks can also apply a variety of blocks that prevent a card being used. For instance, if the bank notices your card being used in New Zealand and overseas within hours of each other, it’s a good sign your card has been compromised and a block can be applied to prevent further fraud.
On top of this, BNZ has a Zero Fraud Liability guarantee which means any fraudulent transactions made with your credit card or Flexi debit card will be refunded. So even though it may be inconvenient, at least you’ll not be out of pocket as long as you haven’t done something like give others your PIN or details or anything that’s against bank terms and conditions.
If you think your card has been compromised, contact us as soon as possible to get things back on track.
We know customers are often overseas when a card compromise happens and will reach out to us on Facebook or Twitter. Unfortunately this is something we can’t do a great deal about on social media because we need to be able to identify you to help, so we do recommend calling us.
Contact details for lost, stolen or compromised cards
Call within New Zealand: 0800 735 901 (24 hours)
Or if you are overseas, call us collect from a land line +64 4 473 5901 (Contact the local operator to make a collect call)