Have you ever felt an awkward sense of unease when someone on the telephone requests your credit card security code? The security code is the additional set of three to four digits located on your credit card that are often needed to complete a sales transaction online or on the telephone. We are all so cautious about social security numbers and even our phone numbers. Why then should we be so blasé about our security codes?
[In Pictures: 12 Money Mistakes Almost Everyone Makes]
First off, take solace that consumer protection laws limit your liability in the case of credit card fraud to $50. In most cases, if you promptly report the incident, you will owe nothing. However, if you don’t regularly examine your statement, this can be a problem.
Is the security code even secure?
According to Dr. Jerald Dawkins of True Digital Security, Inc., those three or four digits called CVC2, CVV2, CID2 or CID, depending on what type of card you have, are used to verify your credit card information when the card itself is not present. Essentially, they were created as another layer of protection from online credit card fraud.
What happens, however, if someone wants to steal your code along with your card number? Can they get away with it? If they walk into a store, your credit card number and code won’t work. They need a physical card to have the power to charge anything to your account. Online transactions are a different story. Dr. Dawkins says thieves will have multiple retailers to choose from. In fact, if they have your card number and your code, they’ll be able to shop online to their heart’s content.
So what can you do to protect your online purchases, or even your takeout orders? Be wary of who you trust. Dr. Dawkins says, “The use of CVC over the web or phone is really at your discretion and the trust you have in the organization that they will protect the data correctly.”
Advice for credit card users
Robert Livingstone, president and founder of Ideal Cost, a national merchant-consulting firm headquartered in South Florida, offers some practical advice. If you’re nervous about giving out your security code to the faceless restaurant worker on the other line, opt instead to wait until you pick up your takeout before you pay for it. Livingstone also suggests you use your credit or charge card instead of debit card if you are concerned about your security, because you’ll have a much easier time disputing fraudulent charges on your credit card than your debit card.
[Visit the U.S. News My Money blog for the best money advice from around the web.]
Essentially, it’s up to us to be cognizant of whom we give our information out to. Just because it’s called a “security code” doesn’t mean that we are truly protected from online fraud. And being cautious just means doing what we should already be doing anyway. For example, Robert Siciliano, a McAfee Consultant and Identity Theft Expert says, “Ultimately the card holder needs to pay attention to their statements, reconciling them weekly online or monthly and refute unauthorized charges ASAP or within 60 days by law.”
You should immediately report fraudulent charges to your credit card issuer asking that they replace your credit card number with a new one. Make sure you contact any company reported on your billing statement that you don’t recognize, and confirm the charge is something you actually purchased. Identifying fraudulent charges early means you’re not responsible for paying them, so as long as you take matters into your own hands, you have nothing to worry about.
The bottom line? Security codes may be giving you a false sense of security. The real security is up to you. Although many of the experts I talked to said that there is no serious risk in giving your number out to reputable companies, they all agreed that it’s wise to be wary.
Tim Chen is the founder of NerdWallet.com, a site that helps consumers find the best credit card. Tim regularly provides consumer credit tips, and reviews balance transfer offers and other debt management tools.