HOW SAFE IS YOUR BANK CARD?

This isn’t the kind of regular articles you read on my blog.

I read a post on Headstart Africa concerning how unsafe bank cards are and this may serve as an add-on to that. I believe we all need more information on how unsafe our cards maybe and the little steps we might take to keep it safer!

One day, I asked a friend of mine to help me with her MasterCard because I wanted to make some order from an international merchant website. As at then, Naira VISA cards weren’t working on most international websites because of a Central Bank Policy. She sent the details of her card to me and very early in the morning, I made transfers to her account and decided to proceed with my orders. I was expecting that her pin would be requested and I was expecting the banking system would generate a one-time security code which would be sent to her phone for authorization.

Guess what? The moment I keyed in her card details, I clicked on the “complete purchase” button and boom! It was successful. I made about six different transactions from different stores and she called me out of shock that morning to say that she got credits and then debits! Telling her it was me calmed her nerves!

Some years ago too, my brother received a debit alert of about forty-five thousand naira and when he rushed to the bank, nothing would be done about it. He got the alert very late on Friday night and was in the bank on Monday morning but 24hrs was enough! The transaction was made on an international website that sells ladies wears. After series of questions, he said he gave his card to a friend to help him withdraw and I said to him “afterwards, he probably won’t need your card to do what he wants to do with it.” He requested that the card be deactivated and till date, he never got a refund.

More recently, a friend called me to report that her mother’s account was debited of five hundred and seventy thousand naira. The alerts came in several smaller amounts till it rounded up to five hundred and seventy thousand naira. They didn’t recover a dime and it devastated them to some extent.  Why do these things happen and how can it be prevented?

HOW DO BANK CARDS WORK?

I understood how credit and debit cards work when I was making a research on how to clone sim cards. Don’t give me that look, I didn’t try it on anyone, it was for research purposes. The science behind bank cards is simple, it simply allows you securely access your account and make transactions instead of writing a cheque or queuing up in the bank for withdrawal. Your cards contain details and certain codes that can access your bank information and perform desired transactions.

Here are some things you must know and do to prevent loss of money!

1. YOUR CARD CAN BE CLONED

In 2014, the UK Cards Association reported that over 300 million pounds were spent using cloned bank cards.

Just like sim cards, the data stored in your bank cards aren’t safe on their own. The details on your card can be transferred to another card that has no information on it. So, you should be careful where you swipe your card or the restaurant and hotel staff you give your card to. The microchip on your card is where your bank information is saved and these things can easily be copied into the machine with which you swiped! In the case that after swiping your card you started noticing unauthorized activities in your bank account, you may need to quickly call your bank. There are some options for preventing cloning of cards which isn’t available in some countries. 

2. YOUR CARD DETAILS MAY GRANT ACCESS

All the stories I shared above happened simply because someone had access to the simple and basic card information. Depending on your card issuer, the card number and the CVV at the back of your card may be all anyone needs to initiate a transaction. So, whether you are giving someone your card to help you make a withdrawal or you gave a cashier your card to make a payment on the POS machine, the details can quickly be captured. When a cashier wants to go inside with your card, you have the right to protest because your card digits may be written down elsewhere and used against you.

You don’t have to give people your bank card to make withdrawals for you but if you must, give it to people you trust. Someone can take your card details and never do anything with it for a long time until you forget they ever had access to your bank cards. Ensure your card is safe with you, it is a personal belonging.

The 16 digits, Expiry Dates and CVV of your bank card may be enough to carry out a transaction.

3. INQUIRE ABOUT TOKENS FROM YOUR BANK

What is a token? In a more simple term, it is the same thing as having “two-ways authentication method” to be able to finalize a transaction.

Some banks ensure stricter security on the cards they issue while some don’t. Access Bank Plc in Nigeria, for example, activates a software token on your VISA cards to authorize any transaction being performed by a third party. This token comes in the form of OTP. Once you sign up for internet banking on your account, the settings are there by default. The last time I used ECO bank card, there was no such thing like authorization and I later learnt that many banks activate it for you on request.

You may either request for a token using your bank app or you fill a form in the bank. The extent with which these tokens protect your card transactions may also be determined by the services you allow it on. It may not be the same thing for every bank. Zenith bank, for example, will simply require you to activate software token from your bank mobile app while GTBank and First Bank may require you to fill a form.

Tokens come in the form of hardware, software or both depending on what your bank offers. So, you may also need to visit your bank’s customer care to know what works best for you as regards protecting your card. This is the best form of protection for your cards at the moment.

4. HTTP WEBSITES ARE BAD FOR YOUR CARDS

When you are making online payments, you should check whether the website you are visiting is secured. This means that the website must be encrypted, ensuring that the details you enter into it are not sent in plain texts. This means when you put in your card details, it is not saved in a way it can be read by the website owners, the webmasters, the admin, hackers or anyone who have access to the dashboards! They can use your card details to initiate further transactions. The website should have “S” after HTTP and that is not enough. You should also check if the green key that appears before “HTTPS” is locked, open or broken. If it is locked, it means it is secured! The image below shows what a secured website looks like.

The green colour means “safe” and the locked padlock means “data is transmitted securely”.

5. AVOID PUBLIC Wi-Fi FOR TRANSACTIONS

Free Wi-Fi can be very appealing! You may be in a hotel, an organization, a campus or a firm where free Wi-Fi is offered to everyone. It is nice but never listen to that voice asking you to perform all your transactions now that you have the opportunity. Public networks are not safe, hackers can use it to access your details. The reason is simple, someone set it up and other people are also connecting to it. It is easy for people to access your Smartphone or PC through public WI-FI. If you must connect to a public WI-FI, disable file sharing by every means and mind the sites you visit! Some Wi-Fi routers can be programmed to redirect to certain URLs.

6. DON’T TAKE IT LIGHTLY

In some countries especially in the Western World where the credit card is king, your card digits and the CVV is all anyone would need to access the credits. Many other countries activate other kinds of security to prevent fraud.

In some countries, your card issuer is responsible for loss due to fraud to some extent. You must report cases within 2 days – 60 days if you noticed unauthorized activities on your cards. If you report within two days, you may be responsible for up to $50 or $500 in the case of reporting within 60days. Aside from that, the remaining amount may take very serious processes to be refunded to you. In Nigeria, you may never get a refund! When you notice any unauthorized transaction, don’t wait to know if magic would reverse it! Report to your bank immediately as the earlier the better.

There are other times you may get a text message or calls claiming to be coming from your Bank’s customer care centre, requesting for your Bank Verification Number, Card Details and other security information with a threat that your account will be blocked if you don’t do so. Simply ignore those messages or visit your bank in the case of doubt or confusion.

7. YOUR CARD IS YOUR BELONGING

I have said this over and over again but I need to say it again. Your bank card is your belonging, it may not be safe even in the hands of the ones you trust with your life because other people close to them can have access to it. Regard your bank card as the key to your treasure vault as you wouldn’t be waving a key to your treasure vault in the public!

The above are a few ways you would be a victim of fraud and ways to prevent it from happening. Always remember, your Bank may not give you all these details if you don’t request for it or don’t research them yourself. Many Bank staffs are also not very informed on some of these security challenges. You must keep your account safe, it is your duty to keep your cards safe but there might be that time when carefulness is not enough and that is where you would need measures like talking to your bank about Tokens, smart chips and so on.

Before I forget! Many banks have suggestion and complaint box these days and you might also make suggestions for implementation of software tokens and stricter security on every single transaction (in case there is nothing like that in your bank). You never know how far your suggestion would go in adding voice to what is already obtainable.