There's no question that business travel can help your company take off. But unless you take care with your credit cards while on the road, your identity could go off on its own trip. In fact, there was a new victim of identity fraud every two seconds last year, according to the 2014 Identity Fraud Report by Javelin Strategy & Research, and one in three consumers who received notice of a data breach became a victim of fraud.
One need only look at recent news reports for proof, from the massive Target hacking to one that hit a little closer for traveling 'treps, the breach at hotel operator White Lodging (which manages 168 properties for brands such as Marriott).
But there's no needto cancel that next trip. Follow this home-and-away plan to keep your identity with you, where it belongs.
Before you leave:
Keep in touch with your credit card companies. "We look for any changes in spending patterns," says Brent Reinhard, general manager of Ink from Chase. So add this to your pre-travel to-do list: Call your issuers and let them know when you'll be gone and where you're going. If you do get fraud-related inquiries from your issuer, respond promptly--either to say "no, not me" so they can shut the card down or to let them know that all those charges you racked up while wooing clients are, unfortunately, yours.
But be warned: If you receive a call from your card issuer, listen closely to make sure you're not speaking to a hacker. Phishing scams are prevalent right now. If someone asks for personal information, be suspicious. "If we call to ask you about a transaction, we don't ask for your account number or for personal information," Reinhard says.
After the Hack
If you think your security has been breached, the Federal Trade Commission has a few tips for protecting your identity.
• Place an initial fraud alert with one of the three major credit bureaus: Equifax, Experian or TransUnion. (The bureau you notify will inform the others.) With an alert on your file, a business must verify your identity before approving credit requests. The alert is free and stays on your report for 90 days.
• Order your credit reports. With an initial fraud alert in place, you're entitled to a free report from each of the three bureaus. If you can identify which account has been hacked, contact the lender by certified mail.
• File an Identity Theft Report with the FTC and print it out for use as your Identity Theft Affidavit to file a police report. You can use this to get fraudulent information removed from your credit report. --B.H.
Keep account numbers in a safe place. "Keep important information on a password-protected, encrypted thumb drive," says Adam Levin, chairman and co-founder of Identity Theft 911, which provides identity management solutions.
Use real passwords. Yes, this old chestnut again. But until people stop using their pets' names or kids' birthdays as passwords--info they often share on Facebook--it's worth repeating. "Oversharing on social media makes you vulnerable. Criminals can piece together details of your life to guess passwords," says Ellen Richey, chief enterprise risk officer for Visa. Protect yourself by using passwords that can't be connected to your personal information.
Know what you're liable for. The Truth in Lending Act limits your liability for credit card fraud to $50. But many issuers offer zero liability. "Offering zero percent liability is part of our operating policy. All issuing banks that we partner with have to agree to that policy," Richey says.
Use a Virtual Private Network. Even if you're on a network that's supposed to be secure, your data can be stolen. A VPN offers more security when you're traveling. When you connect to a VPN, traffic from your laptop is encrypted and sent to a third-party server; the data is then safely forwarded to the web. It's worth the $7 to $20 service charge.
On the road:
Don't use your debit cards. Credit cards offer more liability protection than debit cards. Also, if you use a debit card and your PIN is stolen, your account can be drained.
Use Tyvek sleeves. Contactless credit cards use Radio Frequency Identification technology--and electronic scanners can read them straight through a purse or wallet. Skip the pricey data-protection wallets (Consumer Reports found many to be faulty) and opt for cheaper and more secure Tyvek card sleeves.
Check online accounts frequently. Be vigilant: Look for any unauthorized charges, including small amounts. Criminals sometimes check to see if an account is live by sending through a small, easily overlooked charge; shortly after the Target breach, a charge for $9.84 showed up on the statements of stolen accounts.
Use account features that offer alerts. Major credit cards often have features that allow you to get alerts about purchases or amounts. For instance, Visa offers real-time transaction alerts that notify you as soon as your card has been used.
Be careful with public Wi-Fi. "Be sure you're on the Wi-Fi network you think you're on," Levin cautions. Sometimes, a fraudster will create a Wi-Fi name that differs by one letter or one number from the protected Wi-Fi you think you're using. It's easy to glance at it and not realize it's a different network.
It won't likely cause you to lose your shirt financially, but becoming the victim of identity fraud can derail a business trip in no time flat. But as Reinhard advises: "Stay on top of your accounts, and you can really reduce your risk."
The U.S. is one of the last countries to migrate to Europay MasterCard Visa (EMV) chip cards. EMV is a set of global specifications for payment cards that use smart-chip technology, which makes them less susceptible to fraud than magnetic-stripe versions. Merchants are encouraged to make the transition by October 2015, when the liability shift will come into effect, says Visa's Ellen Richey.
There are several categories of smart cards, but Randy Vanderhoof, executive director of the EMV Migration Forum, predicts that U.S. consumers will be seeing both chip-and-PIN and chip-and-signature cards in the next year or so. "The chip-and-PIN cards offer an extra layer of security," Vanderhoof says. "But even the chip-and-signature cards will significantly reduce counterfeit fraud."
Despite the added protection, you need to stay vigilant. "Smart cards are not a silver bullet," Adam Levin of Identity Theft 911 points out. "You'll still have to worry about payment fraud with online transactions." --B.H.