This Week In Credit Card News: Making Your Debit Card Safer; Data Breaches Were Avoidable

More Than 90% of Data Breaches Could Have Been Avoided

Nine out of 10 data breaches that occurred in the first half of last year could have been avoided. A new report analyzed more than 1,000 breaches that involved personally identifiable information. It found that 40% of breaches stemmed from external intrusions; 29% were caused by employees; 18% stemmed from lost or stolen devices or documents; 11% were the result of social engineering. [Internet Retailer]

How to Make Your Debit Card Safer

Although debit cards remain our most preferred payment method, their popularity continues to shrink, likely due to the fraud and risk concerns of consumers. In 2014, 43% of consumers said they preferred to buy with debit cards, compared with 49% the previous year, and an overwhelming majority in the past decade. Meanwhile, consumers preferring credit cards held steady at 35% both years and now include those 65 and older by a 2-to-1 margin. Credit cards may offer more protections beyond the risk of fraud, and there are certain scenarios where you should never use debit cards. But debit cards help you avoid debt and possible interest charges. Here are ways to make them safer. [AARP]

The Need for a National Data Breach Notification Law

Currently, 47 states have their own data breach notification laws. So if a company doing business in multiple states faces a large breach of personal information, that company will immediately be obligated to identify and comply with a patchwork of state laws. These laws may impose different requirements on when and under what circumstances notification is required, and on the method and the content of the notification. In some states, failure to follow these specifications can result in fines, penalties or lawsuits. The result: at a time when immediate response and remediation is critical, these organizations and their counsel must first ascertain and negotiate compliance with any and all state laws that may be applicable to that specific breach. [The Hill]

Amazon Abandons Digital Payments, Leaving Fight to Apple, Google

Amazon said that it is killing its mobile wallet. Amazon Wallet let consumers store gift cards and loyalty cards on their phone to use for in-store and online purchase. But unlike digital wallets from Apple and Google, Amazon’s application didn’t store credit or debit cards. [The Street]

Supreme Court Rejects Retailers’ Bid to Lower Debit Card Fees

The Supreme Court handed banks a victory when it declined to consider a challenge by retailers to Federal Reserve regulations setting fees for processing debit card transactions. The high court’s action removes uncertainty for the banking industry by ending a three-year federal court battle over fees associated with tens of billions of debit card transactions annually. [The Wall Street Journal]

Mobile Payments Quickly Changing the Transaction Industry

Mobile payments are no longer just a trendy way to make a payment. They are quickly becoming the major force in the transaction industry. Mobile payment volume in the United States is projected to increase at a five-year compound annual growth rate of 172%. By 2019, mobile payments will make up nearly 15% of the total payment volume in the United States, accounting for $818 billion in transactions. Apple Pay and its early success is a significant part of this growth. But another factor is the use of mobile payments by the underbanked. Unbanked and underbanked spenders have easily adapted to mobile payments because they allow for fast transaction processing and easy financial management. []

MasterCard Announces a Credit Card Even A Security Fanatic Can Love

If there was a ever credit card that could ease your anxiety about credit card fraud, the new MasterCard (MC) “Hidden,” coming to market later this year, would be it. Hidden is a computer masquerading as a fully functional payment card that works everywhere via swipe, tap, or online entry. The card features several layers of protection you won’t find on your run-of-the-mill credit card, including a light that indicates when the card is “on” and usable. [The Street]

Apple Pay Helps Security, But it’s Not Foolproof

With the introduction of Apple Pay, mobile wallet payment systems promise to disrupt long stagnant payment card industry. But will these new services make our data and transactions safer? On paper, Apple Pay greatly improves data and transaction security, but it’s not foolproof. As usual, hackers are not standing still. A researcher in Germany recently demonstrated how to replicate fingerprints with a high-quality photo of a user’s fingers, which could presumably be used to gain access to anything protected by biometric data. [Payments Source]

Is Google Set to Acquire Mobile Payments Service Softcard?

Google may be in talks to acquire Softcard, a mobile-payments service, in a bid to boost its Wallet and compete against Apple Pay. Softcard, formerly known as Isis, was started jointly by AT&T, Verizon Wireless, and T-Mobile USA in 2010. The company claims that it can be used at over 200,000 merchants, including McDonalds and Subway. Softcard allows consumers to make payments through connected debit and credit cards from American Express, Chase, Wells Fargo and others banks. Reports indicate Google recently entered exclusive discussions with Softcard by offering to buy the service for at least $50 million. [Zacks] Weekly Credit Card Rate Report

Based on the 1,000+ cards in the Complete Credit Card Index, the average advertised APR for credit cards is 14.41%, slightly lower than last week’s average of 14.44%. Six months ago, the average was 14.49%. One year ago, the average was 14.46%. []

Provided by

Source post on MoneyBuilder

This Week In Credit Card News: How To Get Free Credit Scores, New Law On Data Hacking?

Obama Seeks Laws on Data Hacking, Student Privacy

President Barack Obama wants Congress to pass legislation requiring companies to inform customers within 30 days if their data has been hacked. In addition, Obama wants a measure aimed at preventing companies from selling student data to third parties and from using information collected in school to engage in targeted advertising. [Associated Press]

Millions More People to Get Their Credit Score for Free

Millions more people will have free access to their FICO credit score this year. That’s good news for consumers, since the number is widely used by lenders to check potential borrowers’ financial health. Bank of America, Chase and Ally Financial said they will offer the score free to some of their customers this year. The White House announced the new agreements Monday, saying that a free credit score was a tool to help people uncover identity theft.  [Associated Press]

Older Consumer Say Debt Collectors Cross the Line

Problems with debt collectors top the list of complaints that older adults have filed with the Consumer Protection Financial Bureau in the past year. More than one third of the 25,800 complaints filed by consumers 62 and older between August 2013 and October 2014 were about debt collectors who allegedly harassed them by phone, refused to disclose information about the debts or threatened to garnish their wages if they didn’t pay up, among other things. [Marketwatch]

In New Congress, Wall Street Pushes to Undermine Dodd- Frank Reform

In the span of a month, the nation’s biggest banks and investment firms have twice won passage of measures to weaken regulations intended to help lessen the risk of another financial crisis, setting their sights on narrow, arcane provisions and greasing their efforts with a surge of lobbying and campaign contributions. The financial industry has been methodical, drafting technically complicated legislation that can pass the heavily Republican House with a few Democratic votes. And then, once approved, Wall Street has pushed to tack such measures on to larger bills considered too important for the White House to block. [The New York Times]

Six Habits of People With Excellent Credit Scores

Without even knowing it, you might be doing things that are damaging your credit score, which affects your ability to get credit and the interest rate you pay when you do get credit. Consumers sometimes don’t understand which actions will and will not help them improve their credit scores. To take the right steps to boost your score, you need to start by understanding the basics of credit scores. Once you know your score, you can start taking the right steps to improve it. [Kiplinger]

Lender Drops Challenge to Credit Card Comparison Website

Consumers scored a legal win that should allow them to continue comparing credit card interest rates and fees on card-comparison websites. Tensions between certain card issuers and comparison sites intensified last year as the two sides butted heads over what card information consumers could view. Officials at some sites mentioned cases in which lenders cut off ties after the sites criticized their cards for high costs or other negative features. Some sites stopped posting some cards’ interest rates or fees, which made it harder for consumers to compare those cards with others. [The Wall Street Journal]

Credit Card Debt Dropped Significantly in November

The latest monthly report from the Federal Reserve showed a large decline in debt on credit cards during the month of November, the first decrease in three months. According to the Federal Reserve’s Consumer Credit report, the total revolving credit is now $882.1 billion after a decrease of $946 million in November. []

Capital One Acquires Budgeting App Level Money

Capital One has acquired San Francisco-based money management app, Level Money. The app, which is focused on allowing consumers to keep track of their spendable cash and savings, had 700,000 users at the time of the acquisition, and has helped its customers manage over $12 billion in transactions. [TechCrunch] Weekly Credit Card Rate Report

Based on the 1,000+ cards in the Complete Credit Card Index, the average advertised APR for credit cards is 14.44%, identical to last week. Six months ago, the average was 14.49%. One year ago, the average was 14.47%. []

Provided by

Source post on MoneyBuilder

The Big Data Breaches of 2014

A year ago, the country was rocked by the Target data breach. Previously, consumers rarely thought about the security on their credit or debit cards. But all that changed when Target reported that 40 million debit and credit card numbers had been stolen during the holiday shopping time last year.

Little did we know that data breaches would be the top story that haunted the card industry throughout 2014.

Here is a look back at 20 of the major data breaches of the past year:

Neiman Marcus
In January, news broke of a card hack at Neiman Marcus where hackers accessed the debit and credit card information of customers who shopped at this chain between July 16, 2013 to October 30, 2013. Only in-store customers were affected, not online transactions. Originally, the company estimated that as many as 1.1 million cardholders could have been affected. But further investigation found that it affected a maximum of 350,000 customers. The breach occurred when malicious software was installed onto the Neiman Marcus system that collected payment card data from customers who made purchases during those dates.

White Lodging
In early February, a hotel franchise management company that manages 168 hotels in 21 states suffered a data breach that exposed hundreds of guests’ debit and credit cards information in 2013. White Lodging Services Corporation maintains hotel franchises for some of the top names in lodging such as Hilton, Marriott, Westin and Sheraton. Sources reported that the data breach centered mainly around the gift shops and restaurants within these hotels managed by White Lodging, not necessarily the front desk computers where guests pay for their rooms.

Sally Beauty
In March, it was reported that over 280,000 debit and credit cards were stolen and sold on an underground crime store. Three different banks bought back their customers’ debit and credit card accounts from this store in the hopes of finding a “common point of purchase” among them. That common point turned out to be Sally Beauty stores. Sally Beauty operates 2,600 retail stores in the United States, selling beauty products to consumers and professionals.

Michaels, the nation’s largest arts and crafts chain, reported a data breach at the end of January. The company said close to 2.6 million cards used in payments at their stores were potentially exposed between May 8, 2013 and January 27, 2014. Another 400,000 cards may have been affected at Aaron Brothers stores between June 26, 2013 and February 27, 2014. Michaels said debit and credit card numbers and expiration dates may have been exposed, but personal information such as addresses, names and PINs were not compromised.

11 casinos
In May, Affinity Gaming, which operates 11 casinos in Nevada, Colorado, Iowa and Missouri, announced they found evidence of a hack on the casino’s debit and credit card system for non-gaming purchases. While the breach did not impact money spent directly on gambling, it did affect customers who paid for other items and services at casino resort facilities. Hotel rooms, food and drinks are all processed through this system. In December 2013, Affinity Gaming announced that its card processing system had been infected with malware which may have compromised card data from customers. This data breach apparently took place between December 2013 and April 2014.

New York
According to a report from New York’s Attorney General, 22.8 million private records of New Yorkers were exposed due to data breaches over the last eight years. The data breaches were reported by over 3,000 businesses, nonprofit organizations and government agencies. Intentional hacking exposed most of the accounts, accounting for 40% of the 5,000 incidents. Lost or stolen equipment, insider wrongdoing and inadvertent errors were also major factors.

PF Changs
In June, P.F. Chang’s China Bistro reported a security breach that affected customers at 33 restaurants located in 16 states. The intruder may have stolen some data from certain credit and debit cards that were used during an eight-month period from October 19, 2013 to June 11, 2014. The potentially stolen credit and debit card data included the card number and, in some cases, the cardholder’s name and/or the card’s expiration date.

Albertsons & SuperValu
In August, some of the country’s most popular supermarkets, including Albertson’s and SuperValu, reported they experienced data breaches over the summer. Hackers broke into the debit and credit card payment networks of the stores under the AB Acquisitions LLC umbrella. This includes Acme, Shaw’s Supermarket, Star Market, Cub Foods, Farm Fresh, Hornbacher’s, Shop ‘N Save and Shoppers Food & Pharmacy. SuperValu said the hack affected 228 of its stores. Albertson’s estimated that more than 700 of its locations were impacted in Idaho, Montana, Southern California, Nevada, North Dakota, Oregon, Wyoming, Southern Utah and Washington. SuperValu and Albertson’s use the same technology to process their payments.

Community Health Systems
In August, Community Health Systems said information on 4.5 million patients was stolen in a cyber attack that may have originated in China. The data breach may have impacted anyone who was a patient in a CHS hospital during the last five years. Hackers may have obtained the patient names, birth dates, addresses, telephone and social security numbers. However, in a filing with the Securities and Exchange Commission, the company said no credit card numbers or medical or clinical information were taken.

In August, United Parcel Service reported a data breach may have occurred in 51 of their UPS Stores, possibly leading to the theft of customer debit and credit card information. Malicious software that was not identified by current anti-virus software led to the breach. Customers who used a debit or credit card at the 51 stores between between January 20, 2014 and August 11, 2014 were warned that their names, postal addresses, email addresses and payment card information may have been exposed. These 51 UPS Stores represented just over 1% of the 4,470 franchised center locations across the United States.

Dairy Queen
In August, International Dairy Queen began an investigation into a data breach in its stores. In November, it confirmed the breach took place in 395 locations and may have affected nearly 600,000 debit and credit cards. The company found that Backoff malware, used in so many recent cyber attacks, affected the payment systems in these locations. Customer names, debit card and credit card numbers and their expiration dates were compromised.

In early September, Goodwill Industries confirmed that a data breach in 330 of its stores may have compromised an estimated 868,000 debit and credit cards. Payment card information, such as names, payment card numbers and expiration dates, may have been compromised. However, personal information such as addresses and PIN numbers were not affected. According to their investigation, a third-party vendor’s systems were attacked by malicious software, enabling criminals to access some payment card data of a number of the vendor’s customers. The impacted Goodwill stores used the same affected third-party vendor to process credit card payments.

Home Depot
In September, Home Depot, the world’s largest home improvement chain, confirmed that a whopping 56 million credit and debit cards were affected by a data breach. Then in November, the company disclosed that hackers had also stolen 53 million email addresses. The company said criminals used a third-party vendor’s user name and password to enter the perimeter of Home Depot’s network. The hackers then acquired elevated rights which allowed them to navigate portions of the company’s network and to deploy unique, custom-built malware on its self-checkout systems in the U.S. and Canada.

Jimmy John’s
In late September, sandwich shop chain Jimmy John’s confirmed that criminals hacked into their point of sale systems at 216 stores and accessed customer debit and credit card information. The breach took place between June 16 and September 5. Hackers obtained the account numbers on these cards, and may have access to the cardholder name, verification number and/or expiration date. The company, based in Champaign, Illinois, said the hackers were able to obtain the login credentials from the chain’s payment technology vendor and access its point of sale system. The breach did not affect any cards used in any online order or a transaction where the card number was entered manually.

JP Morgan Chase
JP Morgan Chase, the nation’s largest bank in terms of assets, acknowledged a massive data breach that affected 76 million households and 7 million small businesses. The bank disclosed the extent of the breach in a filing in early October with the Securities and Exchange Commission. The bank reported no unusual customer fraud had resulted from this breach. Hackers obtained personal information such as customer names, addresses, phone numbers and email addresses. However, JP Morgan Chase said that sensitive bank information–account numbers, passwords, social security numbers and birthdates–were not part of the breach. The breach occurred in June and July, and affected customers that used Chase web and mobile services.

Most of the major data breaches that occurred in 2014 took place with transactions at store level, not with online purchases. Not so with Sourcebooks, the popular online bookstore. The shopping cart of Sourcebooks was compromised between April and June of 2014. Hackers were able to steal names, addresses, credit card numbers, expiration dates, card security codes and email addresses. Sourcebooks reported that 5,204 customers were affected by the hack.

In a filing in early October with the Securities and Exchange Commission, Kmart said a month-long data breach took place in early September. Debit and credit card numbers appear to have been compromised. Kmart, which is owned by Sears Holding Corporation, did not disclose the scale of the breach. They did not believe hackers were able to obtain social security numbers, email addresses, PIN numbers or personal information from the system.

Office supply chain Staples acknowledged in December that a credit card breach took place in 119 stores between April and September. The malware intrusion may have resulted in the theft of as many as 1.16 million customer credit and debit cards.

In December, Bebe Stores, a women’s clothing retailer, officially confirmed a data breach at its stores during the month of November. The breach impacted shoppers from the United States, Puerto Rico and the U.S. Virgin Islands who visited Bebe between November 8 and November 26. The company operates 175 retail stores as well as 35 outlet locations.

Data continues to come out about this November 24 Sony breach. In early December, hackers leaked five unreleased movies online and some employees’ Social Security numbers. The security firm Identity Finder found the hack exposed over 47,000 Social Security numbers, including over 15,000 current or former employees. In addition, these numbers appeared more than 1.1 million times on 601 publicly-posted files stolen by hackers. A significant number of files containing the Social Security numbers were accompanied by other personal information, such as full names, dates of birth and home addresses, increasing the chances of identity fraud.

Source post on MoneyBuilder

This Week In Credit Card News: Time To Get A Fixed Rate Card? Are New Credit Cards Safe?

Why New Credit Cards May Fall Short on Fraud Control

This year, firms are expected to roll out more than a half-billion new credit cards embedded with computer chips that create a unique code for each transaction, making counterfeiting much more difficult. In a retreat for the industry, however, the new cards don’t use some technology that could prevent fraud if a card is lost or stolen. Instead of requiring customers to put in a personal identification number, or PIN, the new cards need users to authenticate credit-card transactions the same way they often do now, with a signature. PINs are widely considered to be more secure than signatures, which can be easily copied. [The Wall Street Journal]

Find a Fixed Rate Credit Card

With interest rates likely to start rising later in 2015, now is a good time to think about how to keep the interest payments on your credit cards from creeping up, too. The number of cards with fixed APRs has waned, largely because legislation that took effect in 2010 made raising fixed rates more difficult for issuers. But some small banks and credit unions still offer fixed-rate cards, so it’s worth inquiring locally. [Kiplinger]

Credit Card Data Breaches Didn’t Alter Holiday Shopping

The rash of credit card breaches at major retail chains during the past year had a surprisingly low impact on holiday shopping, according to a recent survey by Only one out of six respondents (17%) said credit card breaches had any influence on how they paid for their purchases, and an almost identical number (15%) said these hacks affected where they shopped. []

Credit Card Readers: Small Businesses Now Have More Options

Small business owners looking to ditch traditional credit card readers have more options than ever. Mobile credit card readers are small devices that stick into a smartphone or tablet and allow credit cards to be swiped and accepted from anywhere. Small business owners say mobile readers can be cheaper than traditional in-store credit card readers, which often charge higher fees. [Associated Press]

Major Data Breaches of 2014

A year ago, the country was rocked by the Target data breach. Previously, consumers rarely thought about the security on their credit or debit cards. But all that changed when Target reported that 40 million debit and credit card numbers had been stolen during the holiday shopping time last year. Here is a look back at 20 of the major data breaches of the past year. []

Chick-fil-A Investigates Possible Data Breach

Chick-fil-A Inc. is investigating a possible data breach last year at some of its restaurants, the company reported Dec. 31. The Atlanta-based quick-service chicken chain, which has more than 1,800 units, said it was first alerted on Dec. 19 to the “suspicious” payment card activity at “a few” of its restaurants. [Nation's Restaurant News]

Morgan Stanley Fires Employee Over Client Data Leak

Morgan Stanley fired one of its financial advisers after it accused him of stealing account data on about 350,000 clients and posting some of that information for sale online. It could be the largest data theft at a wealth-management firm. Morgan Stanley said its employee downloaded information on about 10% of its wealth-management clients. On December 27, it discovered data related to about 900 of its client accounts during a routine review of public websites known to traffic such information. The bank said no clients were financially harmed. [The Wall Street Journal]

Payday Lenders Could Face Fed Rules for the First Time

The payday loan industry, long the target of consumer advocates, is now in line to be regulated by the federal government for the first time. The Consumer Financial Protection Bureau is working on writing rules to oversee the $46 billion short-term loan industry. They could include requirements that the lenders first check whether borrowers have the ability to repay the loan. In a payday loan, borrowers essentially pledge their paycheck as security by writing a check to the lender in advance of their payday or by giving the lender authorization to draw money from their bank account on payday. [CBS Moneywatch] Weekly Credit Card Rate Report

Based on the 1,000+ cards in the Complete Credit Card Index, the average advertised APR for credit cards is 14.44%, slightly lower than last week’s average of 14.45%. Six months ago, the average was 14.50%. One year ago, the average was 14.48%. []

Provided by

Source post on MoneyBuilder

This Week In Credit Card News: How To Raise Your Credit Score, Don’t Max Out Credit Cards

4 Ways to Raise Your Credit Score in 2015

When you’re writing out your New Year’s resolutions this year, why not add “improve my credit score” to your list? While erasing major credit blunders, such as a foreclosure or collections account, can take years, you can still take some relatively simple steps to boost your credit score. [U.S. News]

The Danger of Maxing Out Your Credit Cards

A consumer with excellent credit who maxes out a credit card will see a credit score drop of 25 to 45 points. In other words, someone with a superb 780 score could see that drop to 735. In fact, the higher your starting score, the more a maxed-out card can hurt you. Someone with a so-so score of 680 stands to lose only 30 points, at most, says FICO. []

Anonymous Hackers Release 13,000 Passwords and Credit Card Details of Amazon, PlayStation and Xbox Users

A hacker group has released a cache of 13,000 passwords, usernames, and credit cards purporting to belong to users of popular web services including Amazon, Xbox Live and PlayStation Network. [The Independent]

A New Way to Check Your FICO Score

Consumers have a new way to keep an eye on their FICO credit scores, but it comes at a fairly high price. Experian, one of the three major credit-reporting companies, began offering a FICO score Monday as part of a credit-monitoring service that costs $21.95 a month. The FICO score consumers will receive will be based on the information in their credit report with Experian. The company will also alert subscribers to activity such as attempts to open accounts in their name, as well as provide help if they become victims of identity theft. [The Wall Street Journal]

Users Reporting Apple Pay Problems After Changes in iPhone Security Status

Several iPhone 6 owners on forums are reporting an issue with Apple Pay after making changes to the their phones that automatically reset the Apple Pay service. [MacRumors]

The Hidden Student-Debt Bomb

It is time to re-evaluate how we measure the performance of student-loan programs–particularly whether borrowers are or are not meeting their obligations. Lawmakers have provided students with options that let them punt on repayment without triggering delinquency or default. Lately, students have been availing themselves of those options at rising levels. [The Wall Street Journal] Weekly Credit Card Rate Report

Based on the 1,000+ cards in the Complete Credit Card Index, the average advertised APR for credit cards is 14.45%, slightly below last week’s average of 14.46%. Six months ago, the average was 14.52%. One year ago, the average was 14.46%. []

Provided by

Source post on MoneyBuilder