Jagoinvestor
January 7, 2013
6 credit card myths – which can kill your financial life someday !
One of the most used financial products is the Credit card. We all spend so much time to get best credit card, but I have never seen someone, who has spend his time to fully understands the importance of the CVV number, One time password, Signatures on the back of credit card or how secure their credit card is overall ! .
There are so many credit card frauds going on, and yet each of us thinks, that our credit cards are fully secure and it cant happen with us. However, this is really far from the truth, because of the 4 big myths people have about their credit cards and we will bust them today for you, so that you become a more powerful and informed investor!
Myth 1 – My Credit Card is secure, because no one knows my PIN/Password
When you make a transaction through a credit card in India, at the end of the transaction, you are asked to enter one more final PIN number, which makes your transaction more secure and gives you an additional layer of security. RBI had come up with this additional password requirement just last year. While you needed credit card number, expiry date and your CVV number to make a transaction earlier, now as an extra security layer, you need this additional PIN too.
However note that this is limited to online transactions on Indian websites only. When you make a transaction outside India, this additional step is not compulsory. This means that someone having every other detail of your credit card other than your PIN can also do transactions even if he does not know your PIN . You must have realized this yourself, if you have done any transaction outside India.
Myth 2 – No one knows my CVV number, so I am secure
One of the biggest myths about credit card is that, if no one knows your CVV number, its impossible to do the transaction. Take a small breath, while I tell you this.
“CVV is not always mandatory on all websites to make an online transaction.”
Yes, you heard right!. You can make a online transaction on few websites out of India with only the Credit Card number, the expiry date and obviously the name of the credit card holder. If you don’t believe me, here’s a small example.
Try to book a domain name at godaddy.com. I was almost numb, when I booked a domain name some time back, only to realize that the domain name was booked, but the site never asked me my credit card CVV number and I was like – “What ?! Seriously ?!” . I then found out, that asking for CVV number is just optional for credit card merchants. While some countries make it mandatory, others don’t. It’s just a choice!
So make sure you are safe, do this
- Scratch your CVV number on the back of your credit/debit card
- Always make sure the swiping happens in front of your eyes! , I know, it can be a little embarrassing for you, but its just an extra mile security, see if its possible for you
- Better do not use Credit Card at all , use Debit card instead!
Myth 3 – My credit card can’ t be duplicated.
Yes, your credit card can be duplicated and it happens in India. A card (credit or debit) might be using something like EMV chips or Magnetic strips, and that’s where the problem is at. While EMV chips are more secure, the magnetic strips are not!. If your card has magnetic strips, it can be duplicated.
Here is how it works …
Your card has a lot of data inside it and it sits on the magnetic strip. When the card is swiped, all the data is extracted from it, for verification purposes. Now some expert hacker with bad intentions, can extract all this data from the swipe machine and make a new card using a technique called Cloning. There are machines called “skimmers” , which helps in extracting the data from the swiping machines to a new card. If you are still wondering if this all happens in India, here is a story excerpt from Hindu website
According to the police, the machines were used to swipe cloned cards by one Rahul. The cloned cards were arranged by Pankaj Deewan, Yogesh Mahajan and Yasin through their contacts. The amount transferred to Dheeraj alias Rohit’s account was shared by the machine holder and cloned cards holder at 40:60 ratio respectively.
Following this, the police launched a hunt and subsequently arrested Dheeraj, Pankaj, Yogesh and Yasin. They purportedly told the police that the domestic cards were cloned by one Kamal and international cards by Devender Chauhan of Agra with the help of a professional hacker. The cards were cloned by obtaining information of genuine customers and then copying the same on a plain card having a magnetic strip. According to the police, the accused used skimmer (a device used to copy data from credit/debit card) for the same.
And if you still don’t believe all this, here is a video you might want to spend time on
Myth 4 – The signature on the back on credit card does not matter much
One of the most misunderstood and unknown facts about credit cards is the signature on the back of the card. Let’s understand the rule today and lay this to matter to rest. If a credit card does not have a signature on the back, it’s an invalid card. As per the agreement between card issuer and merchant (the shops and hotels which give you the facility to swipe the cards), the merchant is supposed to check the signature on the back of card with the signature on the bill, and only if they match, the merchant should allow the card to be swiped.
However almost all the merchants avoid checking it, as if it does not matter at all. This is violation of terms and conditions and if you have lost a credit card which was SIGNED, and some transaction takes place, you are not suppose to be charged, because the merchant should have checked the signatures on card with the signature on the bill. What this means is that if there has been ever a fraud on your credit card, and you are asked to pay the money (Like this Incident) , just ask your card issuer to check the signature on the bill with your specimen signatures with them and if they do not match, they are not suppose to pay the merchant at all and let merchant take the loss for not doing their duty of checking the signatures.
This explains why you should sign your cards on the back and not leave them blank, because if someone steals your card and puts his signature on the back, then the transaction can be done successfully even if the merchant does his duty of checking the bill signature with the signature on card and in that case you are bound to pay the money to card issuer.
MYTH 5 – By paying minimum balance, I do not have to pay Interest
As you have used your credit card and now it’s time to pay your bills of Rs 15000. But you don’t have money to pay back the bill. You are in tension because if you don’t pay your bill you will be charged penalty. So to avoid penalty you pay minimum balance of Rs 3000 and now you will not be charged penalty. So now the left over bill amount is Rs 12000.
You must be happy that you will have to pay Rs 12000 only but let me tell you that you will have to pay Interest of 3 to 4% on this 12000. So even if you pay your minimum balance to avoid penalty but you cannot avoid the interest charged on the left over amount.
MYTH 6 – Too many credit card will improve my credit score
Many people think that if they opt for more than one credit card then there credit score will increase eventually. But this is other way round. If you opt for too many credit cards you won’t improve your credit score but you end up being more dependent on these credit cards, which is not a good sign. Managing too many credit card becomes burdensome.
Tips to Secure your Credit Card
I hope, now that these myths are busted, you are a more informed and powerful person who the rules of the game of credit cards . To summarize, lets put out some tips to secure your credit card
- Do not share your one time credit card password (IVR) with anyone ever
- Scratch your CVV number and remember it in your head !
- While making any online transaction, make sure the website starts with https://
- While making any transaction offline like on petrol pumps , hotels etc, make sure its swiped in front of you as far as possible.
- Make sure the card is swiped on a machine which is issued by authorized banks and not some machine which looks suspicious , it can be a “Skimmer” machine which steals your data.
- Put a signature on the back of your credit and debit card, so that unauthorized transactions are not done and you are protected a card holder
- If possible, better use a credit card which has a small limit like 10k or 20k for shopping.
- There are virtual credit cards these days, you can use them for online transactions
If you ever had any incident that was mentioned here, please share it with others and if you have some thing to teach others, please share it here with everyone.
It is slightly scary to know that some transactions don’t require your CVV. I always put very little money in my account, just to be on the safe side.
Yes, better to not have very high limit on your day to day use credit card
Dear Sir, today i received call on behalf of HDFC bank. Person told his name Rahul HDFC Bank Manager. He said that your credit card not activated yet that’s why i call you for the online activation. as card was received only one day before and massage received on my phone also states that the card we dispatch to you in deactivated mode. He ask for
1. ATM card type like visa or Master
2. Credit card No
3. Expiry date
Above detail I was given to person but then he asked “what is the CVV no on the card”.
Then I was enquired about his name and bank branch name and deny to give CVV no.
He warned me that if not give detail he will cancel the activation request.
I was cut the phone immediately. Just want to know that the information given by me to that person problematic for me or help in any online transaction/fraud activity?
Hi Naresh
I would suggest you get your card blocked as these are very sensitive information and there are ways to take advantage of these information as well.
No a days http://www.godaddy.com use ccavenue payment gateway to process Payments. What, you wrote was correct few years back, but as this company has presence in India, now they are abiding the rules and regulations in India.
Thanks for sharing that.
CAREDIT CARD COMPANY ESPECIALLY sbi CC IS VERY BAD , THEY USE mastan MOSTLY TO COLLECT MONEY AND finally all payment are not credited keeping problems for the clients. After 8 yEARS OF KEEPING SILENT, NOW THEY ASK FOR A HUGE AMOUNT TO PAY TO THEM.bogus
Hi Manish,
Signature on the back on credit card is little bit confusing for me. There are some advantages and also Disadvantages if i signed on back of card. So whats the beneficial for card holder, to sign or not? Pls reply.
What are the advantages of not signing on the back of card to investors ?
If I sign on back of card, anyone can duplicate my sign and then use it in various places. This is my concern, please advice.
Thats a distant possibility, but then your sign is there at many places anyways. I think its worrying for a distant possibility. If you are not ok, then better not sign it.
Scratching the CVV is one good way to prevent financial frauds.
Thanks for sharing.
Yup !
Hi Manish,
These days we have credit cards with chip in it which is tamper proof. I have got one..Is it safe?
Yes much safer !
Hi! Thanks Manish for the excellent article and solutions for commonly encountered problems. But most of the issues mentioned were merchant based transactions. I am asking about online transactions. I just received my HDFC free credit cards and planning to use them. But after reading your article, I just am thinking whether to use them or not. I checked amazon.com (US) and found that they ask only for credit card number and expiry date. So if I use my card at merchant outlet, somebody can memorise the card number or take a pic of card when we give to swipe, e.g. at restaurant when we dont see the card swiped. In such case, he can do all the fradulent transactions after entering these details. How to safeguard against these fraudsters?
YEs, thats the risk always ! .. You cant do much in that case, other than using the card with proper care !
Hey Manish
I could not pay the last EMI( Rs/-2500) purchased through HDFC credit card as I have changed the company in the meanwhile and my registered email ID got blocked afterwards.
Now after a gap of nearly 2.5 years they are asking me to pay 12000 Rs/- in order to settle my account. I am ready to pay the amount of Rs/-2500 but not Rs/-12000. They are forcing me to pay 12000 and subsequently my CIBIL scores will be hampered.
Kindly help and guide.
Yes, they are correct. Your 2.5k has become bigger by adding all the charges and interest and late payments, they are correct in asking for 12k . I suggest pay it off and close the matter. There are other bigger issues in life to deal with . Dont get stuck with this.
I still do not understand why people provide their office e mails ids to banks and other service providers.
There are enough free email service providers. With mobile based access. Do you think 5 years from now, you will be able to retrieve today’s bank statement from official e mail ids ?
Yea .. very true !
Just to ask a question, not sure if there is an answer
I received a call from a so called gentleman who posed as a SBI ATM issuing of new card. He rang from this number 7384897159 on 30.11.2015 around 11.30am in the morning. I usual don’t entertain any calls from banks, but being a bit (more than bit) stupid he said that all he wants to know was the date of expiry. Seeing no harm I disclosed the date. He then said that he wanted to know the card number and started to tell me the first five digit of my debit card. Sensing that he may be a real State Bank Of India (SBI) official he asked me to confirm the rest of the number.
He never asked me for my name, After that he said that SBI would send a verification number which was an OTP on my mobile number. This arrived immediately without really thinking, I told him the number when he asked for it as this would then finish the verification process. I then realised that this wasn’t correct. I immediately informed the bank and blocked the card but by then he had transacted Rs8000 from my account.
My question is that can anyone with just a debit card number and date from which the debit card was issued (in my case started from Nov 2010) can then send request to the bank to send OTP numbers?
Please note the card did not have a CVV number nor did I disclose my pin. It was the SBI debit Card Number and date it started from that he wanted to know
I have learnt mu lesson the hard way – even though I was aware – but I am a bit surprised that State Bank of India does not have any other security for Debit Cards – like the CVV number.
I don’t think the SBI will reimburse me the money but am going to the Cyber Crime Police in Kolkata.
I would be grateful for any advice of SBI can have a very low level of security where CVV is not asked Please others be warned I was aware – but I still got caught
Thanks
Note that there can be cases where CVV numbers are not used for transactions . Thats the reason OTP was used. I am not sure what were you thinking while sharing the OTP number. Never do that in future
Your card must have been a Maestro Card and it must probably start with 6220 and has 18 digits and not 16. This is an old card. You should get a new debit card with EMV Chip. There are various cards to choose from like Domestic, Silver, Global, Gold, Platinum etc. with their respective rates.
An Ex SBI Employee
U r bleming that why bank didn’t ask for cvv but if u can shear ur otp then it was totally ur fault
Is that same with debit card?
Is it possible to debit for anyone anyhow o fraud me with -info of my Visa SBI Debit card no., expiry date, cvv no. and registered mobile no.. Provided he has no access to my mobile. This is actually the case with me.
Hi Shubham
This is very specific query which you should follow up with the concerned authority only. We wont be able to comment on that
Manish
I remember once having a credit card with my photograph on it. At least as far as offline transactions go, this is a very safe method to avoid fraud. Do not know why banks do not issue such cards, including debit cards.
Secondly, a mandatory OTP, both for any offline and online transaction should also be nearly 100% safe.
Now its there 🙂
Manish – the signature on the back of credit card is actually of no use. I am speaking from first hand experience. My ICICI card was swiped at a petrol pump twice. One for my transaction and one for someone else’s (by mistake). When I checked my statement, I saw 2 transactions for petrol which was impossible as my car cannot simply take that much fuel! I reported to bank – escalated all the way up to Chanda Kocchar. I got them to retrieve the charge slip. Slip clearly did have someone else’s signature. So I confidently asked Bank to revert the transaction – but they said that in case of physical swipe the act of swiping is binding. I eventually escalated to Indian Oil and got them to the task to refund me the money.
Thanks for sharing your experience Piyush
We are here talking about the guidelines and the rules set by the credit card companies. Now the execution is the problem. Banks will surely try to get away with the problem here saying that you will not get money, You will have to go to extra mile here (consumer court etc) , which I am sure not many will do .
Manish
Dear Manish,
very informative article. But still I didn’t get answer to my query as to how a fraudster is able to make purchases with a stolen debit card when he doesn’t know the PIN. This is in reference to a news article published today i.e. 25 Oct 13 in Rajasthan Patrika, where two FY students stole a card and started making purchases instantly; one in a clothing store and another in a restaurant where the owner caught them thanks to sms alert facility and handed over to police. The owner had used the card earlier in the same location and probably forgot it in the ATM. These type of incidents have happened before as well where mercantile purchases are made with stolen debit cards. Dont the cards get locked when wrong PIN numbers are fed consecutively. Please throw a light on this. Thanks Brijendra
You dont need a PIN when you swipe a CARD most of the times. Also for making international purchases online,you dont need a PIN . Its only needed for indian transactions . Have you read the article fully ?
Hi Manish,
I have checked some of the articles on your site, However, I noticed that there is no date mentioned about when this article is written. However, I do understand that we can guess the tentative date looking at the first comment. But, still I believe having the date will help to understand on what point of time you have written the particular article and it is easy to link to the information you have written about.
I hope you will take into account this suggestion.
We have removed the dates for SEO reasons . For now you will have to look at the URL’s only 🙂
Can you explain how to identify a SKIMMER form a normal swiping machine?
A normal skimmer is a small machine which looks very raw . The genuine ones will have a company logo !
http://economictimes.indiatimes.com/personal-finance/credit-cards/news/wont-lose-money-in-card-fraud-if-secure-codes-safe/articleshow/18587764.cms
Thanks for sharing that link Vijay
i wud like some info about credit cards:
1.say i have 2-3 credit cards and i want to cancel all of them and retain one only will it affect by credit rating???
2.wht is the best plan for protecting the fraudulent use of ones credit card?
3. which is the best protection plan for credit cards?
4.how to create a virtual card?
kindly guide?
1. Not much ..
2. Read the article again, its discussed the good points .
3. Check this http://jagoinvestor.dev.diginnovators.site/2010/05/how-to-insure-your-credit-and-debt-cards.html
4. It must have been explained on your credit card website !
Manish
Manish,
I have a thought on credit card usage.
Now a days the bank guys issue credit card worth 2 to 3 times of your take home salary, which can be a big amount(say > 1lac credit limit). I do 3/4th of my purcahses through credit cards(~5-8k). I don’t see any use of such high credit limit unless it is an emergency situation. So what i follow is to have just 2 credit cards.
Card 1: Regular usage card (Cash back card), all my purchases are made through this & my monthly bill doesn’t exceed 10k. So I talked to customer care & reduced the credit limit to 20k with zero cash limit. It will be helpful to track our expenses at end of each billing cycle.
Card 2: Stand by card, Keep it safely in home. It has a higher credit limit. Use only if there is a real big need.
Is it ok to keep high credit limit unused?
Let me know your thoughts on this.
-Penchal
Card 2:
Yea , this is a good idea .. I would say there is no need to reduce your limit to small amount like 20k , better keep it 2 times of your maximum purchase possible , like if you feel that max to max your expenses in any month can reach 25k , then better have a credit limit of 50k .
Rest all is good
Very nice and informative article Manish. I have decided long back even before I fell in love with jagoinvestor I have decided that I will never use Credit Card in my life. I just don’t need it. I can very well manage with my 2-3 Debit Cards.
Keep up the good work Manish.
While that may seem a good idea . but make sure you are not compromising on your credit score betterment by not using credit cards ! .
serious respect for u manish…
i read ur book jago investor..its kickass
well i watned to know about property..real estate in mumbai..
have u written any book on that:? please let me know..
i needed more information.
thank you
God bless
Thanks Rahul
We do not have anything written only for MUMBAI , but there are few articles like
http://jagoinvestor.dev.diginnovators.site/2012/11/background-check-for-small-size-real-estate-builders.html
http://jagoinvestor.dev.diginnovators.site/2010/08/tips-while-buying-house-real-life-experiences.html
YOu might also want to open up threads to ask questions on our forum – http://jagoinvestor.dev.diginnovators.site/forum/