By now you probably have received a small gift from your bank or credit-card company or both: a card with a visible little chip embedded in the plastic. This is the year we’ve welcomed them into our financial lives, but have they solved every problem? Not quite, and not for travelers.

Previously, we swiped cards that had only a magnetic stripe. Those cards were an easier target for thieves, who could steal and duplicate sensitive financial information. Several large merchants suffered enormous problems.

Chipped cards, also known as EMV (for Europay, Mastercard, Visa), are standard in many countries and were designed to address credit-card fraud. A code that’s unique to the transaction changes each time, CreditCards.com reported in its FAQs about the cards.

That’s important, because credit-card fraud in 2015 totaled more than $21 billion worldwide, about $8 billion of that in the U.S., according to the Nilson Report, which covers payment systems.

Enter the EMV. It isn’t swiped like the old striped cards; it’s dipped, which usually means inserting the card in the “reader” for about 15 seconds until a grating beep bids you remove it. The “liability shift” — that is, making merchants who don’t accept chipped cards responsible for fraud, not the credit-card company — took place Oct. 1 in the U.S.

When we say “liability,” you should understand that it’s not yours. “Consumers are never liable for fraud,” said Sean McQuay, a credit and banking expert with NerdWallet.com, a financial advice website. “That’s the really good news.”

But McQuay noted that EMVs don’t completely solve fraud issues, and that’s important for travelers to know.

There are, he said, three kinds of fraud:

— Duplication fraud. With magnetic stripe cards, thieves copied the information, but the chip makes that less likely.

NerdWallet reported that such fraud dropped by nearly two-thirds when Britain introduced chipped cards more than a decade ago.

— Stolen card. Chipped cards from most U.S. issuers generally don’t solve that problem. Abroad, cards are often used with a personal identification number. In the U.S., a signature is required; a PIN is less common. Of course, a PIN can be stolen by a thief crafty enough to look over your shoulder (then he or she would have to grab your card), but a signature is fairly easy to fake.

— Online fraud. “EMV has nothing to do with that,” McQuay said. And that may be the biggest issue for travelers, who accounted for more than half-a-trillion dollars in online travel-related purchases in 2015, according to Statista.com. If you’re a traveler who pays for hotels or airline tickets online, be especially careful.

In Britain, fraud for what’s called “card not present” transactions increased 120% from 2004 to 2014, NerdWallet reported, adding, “It’s likely that a similar trend will occur in the U.S. after the EMV liability shift.”

Again, you’re not liable, but fraud can be inconvenient. About $600 in airline tickets showed up recently on my everyday “go-to” chipped charge card, which I use for online purchases. The card company alerted me immediately and the card was canceled, a new card was sent and the accounts I regularly pay (I like collecting airline miles by paying, say, the cellphone bill online) were notified.

All good but for this: The new card was sent to my home. I was traveling. Fortunately, I had other cards with me. Rule No. 1: Carry at least one extra card and maybe two. (You might tuck a second card in a secret place just in case of physical theft.)

Second problem: Not every merchant got the memo about the change in my account number. That took a few phone calls to straighten out. Rule No. 2: See Rule No. 1.

As for online purchase safety, “The advice hasn’t changed,” McQuay said.

— Watch out for websites that feel “skeevy,” he said. “If you feel uncomfortable during the checkout process, go to another store,” he said.

— Use a known payment system. If you’re a user of PayPal or Amazon, for instance, and those are options at checkout, that may be a solution when you’re not familiar with the site, he said.

— Monitor your credit-card bill. You generally have 60 days to dispute a charge, but the earlier you catch it, the less likely the bad guys (or gals) will catch on to the vulnerability of your card info.

Credit and debit cards provide great freedom, but there’s a small price to pay for that freedom. Just make sure you don’t unwittingly overpay.

via:  enterprise-security-today