ORLANDO,Fla. – (KPRC) If you don't have one already, you will soon: banks will issue nearly 600 million new credit cards embedded with chips by the end of 2015. They say the cards will cut down on fraud that is costing companies billions of dollars every year.
[WEB EXTRA: Password Tips & Identity Theft Insurance Tips | Consumer Reports on Identity Theft Insurance]
It's because of hacks like the recent attacks at Target, Home Depot and Neiman Marcus. Thieves have hacked into payment systems at major retailers, stealing credit card information from millions of customers. Billions of dollars later in refunds and reissuing cards, the industry's answer is chip-enabled credit cards.
"Cloning the chips will be hard," said Chris Bronc, a University of Houston computer security professor.
That's the idea. About two out of every three fraudulent credit card charges are a result of a thief accessing your card information, then using it to make a counterfeit card and putting all of your account data right on the magnetic strip of the phoney one. But the chips don't transmit your account information when you make a payment.
"When the chip card is being read by the terminal, the computer chip on the card is generating a unique one time code that changes with each transaction," said Visa's Stephanie Ericksen.
That one time code is useless for future transactions, even if hackers intercept it. The new cards have a chip, but they still have the magnetic stripe that holds all the sensitive information a hacker needs. The majority of stores don't even have the equipment to read the chips, so you're still swiping and they're still storing your data.
"There's going to be a conversion period that may take a couple of years for all of the terminals to read a chip all of the time," said Ericksen.
The first deadline is this October. If merchants don't have the proper chip-reading terminals by then, they will be liable for fraudulent charges, not the bank.
That's why Foley & Lardner attorney Adam Losey said you'll want to keep checking your bank and credit statements for fraudulent purchases, and it's not just big ones you'll want to watch out for.
"Some of the savvier criminals will get into your account and you'll never know it until they see an opportunity and act," said Losey. "Hackers may also get to your information through your email account. They may sit there for six months until you go to buy a house and somehow during closing they figure out a way to pull out money with a wire pretending they're the escrow company."
He said if they do take money out regularly, it could just be a small amount.
"Another thing they might do is microtransactions," said Losey. "They may be pulling a dollar or two out of your account every month. Occasionally there's weird $2 or $3 charges associated with a gas station or an ATM or something else like that. Well, some of those may not be a gas station or ATM. They could be a criminal that's been siphoning small amounts out of your bank account for a long time."
He said if you do get hacked, there are five things you want to do right away:
-Call your bank or card issuer
-Change your account passwords
-Flag your credit report
-Report the fraudulent transaction to the FTC
-Report it to the police
"You want to show that you did everything you possibly could to report it," said Losey.
Although many credit card companies do offer purchase protection, several different companies offer Identity Theft insurance.
Some experts said it may not be necessary because the information someone stole can't be taken back, but Losey said it is an option to consider, especially if you believe there's a high risk for yourself.
"Aside from recouping the actual dollar amount damages, a lot of these policies can go towards the legal fees, towards hiring a lawyer to try and put the toothpaste back in the tube," said Losey.
He recommended people check also want to check out their homeowner's or renter's insurance policies to see if they have coverage through those.
"A lot of general lifestyle policies will also include amounts that enable you to make claims or recover for identity theft and things like that," said Losey. "I know it may be boring to sit down and read through your policy, but you really should read through it because if you're paying for coverage, you want to know how you're covered so that you can use it."
Losey said that's why the most important thing is making sure you report the hack to the police, even if it doesn't seem significant or necessary. He said you want to do that as soon as possible, because in some cases, if you wait too long, you can end up on the hook for the charges.
"If somebody broke in your house and stole a TV, and six months later you told your insurer, 'Somebody stole my TV, I need a new one,' what would they say?" said Losey. "'Well, why didn't you call the police?' Because when you are the victim of a crime, it's a good thing and an expected thing that you call the police, both so they can find the person responsible and prosecute them and so they can get your property back or make a record of your claim."
Some experts said online fraud may skyrocket as the switch to the chip cards is underway. Creditcards.com reports when the United Kingdom made the switch, online fraud surged 79 percent.
"There's lots of people out there whose whole job, day in day out, show up at work at 8 a.m., leave at 5 p.m. -- their job is to look at your email account, try to get in your bank account and try to take as much of your money as possible," said Losey.