Is it safe to save my credit card details on shopping websites?

You can never be too careful when it comes to protecting your credit card and account details. We take a look at how you can protect your accounts.

Many people are probably finding themselves doing more of their “non-essential” shopping online or over the phone these days as they stay home as much as possible to help reduce the spread of coronavirus. You may find yourself wanting to buy something over the phone but are wondering if it is safe to give out your credit card details. Or maybe you want to know if it’s safe to save your credit card details on sites you use regularly. Here are the answers to some of these common questions.

Is it safe to save my credit card details on shopping websites?

Many online shopping sites give you the option to store your credit card details online so you don’t have to fill them in each time you make a purchase. The common term for this is “card on file”. There are a number of protocols outlined by Visa and Mastercard that the merchant must follow when you have given them permission to store your details. This includes not being allowed to store your Card Verification Value (CVV) which is the three or four digit number usually found on the back of the card. This policy also applies to other common sites and services such as Google, iTunes, and Uber etc. You will need to manually enter the CVV if you want to make a purchase.

Even though retailers have to adhere to certain protocols it doesn’t mean your account details are completely safe. You may still be vulnerable if there is a data breach and the website is hacked. Because of this, it could be a good idea to err on the side of caution and avoid saving your credit card details.

There are alternatives such as PayPal, Visa Checkout and Mastercard Masterpass which let you make online payments without even having to enter your credit card details each time you want to make a purchase.

I’m buying something over the phone – is it safe to give out my credit card details?

Let’s get the obvious point out of the way. You should never give your credit card details to someone over the phone unless you know the person or business and trust them – and perhaps most importantly – you called them directly.

If you do want to make a purchase over the phone, one way to try safeguard yourself is to ask the merchant to complete the transaction over the phone so that they’re not scribbling down your card details. This could lead to your details falling into the wrong hands. And if you are reading out your credit card details avoid doing it in a public space where someone might overhear and possibly jot down the details. You should also ask for a receipt number for the transaction.

If a friend owes me money is it safe to hand over my BSB and account number?

Giving your BSB and account number to a third party to receive or send funds is generally safe, but you should only give out banking details to organisations or people who you know have a genuine need for this information.

Technically, if somebody has your account details, they could set up a direct debit and have their insurance or gym membership paid courtesy of your bank account. Of course, this is fraud and how long it would go on depends on how often you check your account. I suspect that after one or two withdrawals you will have picked it up but it is a possibility.

These days though there are a number of different ways that you can transfer money without having to hand out your bank account details. PayID is one example. The service, offered by most institutions, lets you create a PayID by choosing something easy to remember, like a phone number or email. You register it with your bank who will securely link it to your chosen account. Then to get paid, you share your PayID. Even this isn’t 100% safe as some accounts with PayID were hacked last year.

Then there’s the Beem It app which is a joint venture between NAB, Westpac and Commonwealth Bank. It lets you pay, request and split money quickly, for free.

If you have a PayPal account another option is PayPal.Me. The person transferring money will also need a PayPal account. You create a link and then share it with family or friends. They can then click the link, enter the amount, log in to their PayPal account and they’re done. The money will be in your PayPal account in moments. They may be charged a fee if they pay you using their credit card.

To stay safe it’s important to just be careful about who you share your details with and keep an eye on your account so that if you spot anything suspicious you can report it quickly.

My child bought something using my credit card without my permission. Where do I stand?

Chances are your child has used your credit card details to make an in-app purchase or an online game and can happen if you don’t have the controls set up properly. It’s unlikely your credit card provider will refund the charges (unless you’re claiming fraud) but you may have better luck contacting the app store or gaming provider to request a refund.

The Australian Competition & Consumer Commission (ACCC) recommends contacting the relevant app store as soon as possible to request a refund. The ACCC points out that some app-related purchases can be billed to your mobile phone bill in which case it suggests contacting your mobile phone provider about the transaction.

It’s a good idea to take steps that can prevent your child making purchases without your permission in the future. You might turn off in-app purchases completely, or require a passcode for every in-app purchase. Apple’s Screen Time feature can be used for that very purpose and Google Play lets you turn on authentication settings.

If your child’s purchase means you find yourself in financial difficulty contact your credit card issuer as soon as possible as they may be able to assist you. They may review your interest rate, offer to extend the term or reduce the payments. It’s worth a call.

Consider having a conversation about spending online and put boundaries in place to prevent this from happening. Also keep your credit cards in a safe place.

What should I do if I spot a transaction on my account that I don’t recognise?

There might be a simple explanation. For example if there is an additional cardholder ask them if they made the purchase. Or perhaps the name on your bank statement might not seem familiar but some stores have different business and trading names so you may very well have made a purchase. A google search could help here or some institutions have a feature on their internet banking that lets you look this information up.

If you’ve done this research and still think the transaction is fraudulent then contact your financial institution as soon as possible to dispute the transaction. In many cases you will be reimbursed for any unauthorised transactions. According to MoneySmart you are less likely to get your money back if you:

• acted fraudulently
• didn’t keep your PIN or password secret
• unreasonably delayed telling your bank that your card was lost or stolen
• unreasonably delayed telling your bank that someone else may know your PIN or password
• accidentally left your card in an ATM.

Main image source: Konstantin Kolosov (Shutterstock)