Thought about credit card use at gas stations.

[NM_Shooter]

It sort of bothers me to have to leave a credit card with the clerk when I go pump gas at some stations that do not have pay at the pump.

I'm more than a little paranoid but the thought of leaving one of my cards unattended is not very palatable. 

I think I have found a solution.

I have an old card that is no longer valid.  I had someone steal my number this past year, and as such I requested new cards... so that number got retired. 

I now leave that old worthless card with the clerk before pumping gas.  I've never had a clerk scan the card first to see if it was good.  When I go back into the station, I hand them another card to use instead.

[MountainDon]

Since I worked in the CC fraud area at the big bank I don't ever let my card out of my sight. Using an old canceled card should work as long as they don't run it. However, another "worry place" are restaurants. An old card won't help there. The big worry there is that the waiter, or someone, has a skimmer. A skimmer is a small hand held, pocketable reader that stores the card info for future illegal use. The CC fraudsters will then burn that info onto used cards. They often use stolen cards that have been canceled after their theft.

I only use cash at restaurants or any place I can't retain possession of the card. I feel safer using a CC online than handing one to wait staff or gas station clerks, etc. I really like stores who have the customer scan their own card or my own use. That however allows fraud when the cashier does not check the card. 

[glenn kangiser]

Chevron/Texaco has started their own scam.  $5 a month to send you a paper bill. 

Send the bill out too late to allow payment on time unless you check the PO Daily.

Charge a $39 late fee when you can't get it to them on time even if the bill is a few dollars.

[MountainDon]

http://www.washingtonpost.com/wp-dyn/content/article/2009/06/08/AR2009060804002.html

http://www.wired.com/threatlevel/2009/10/florida_skimming/

http://www.google.com/imgres?imgurl=http://blog.creditorweb.com/wp-content/uploads/2007/12/skimmer.jpg&imgrefurl=http://blog.creditorweb.com/index.php/2007/12/&h=391&w=406&sz=30&tbnid=5GhdVqt0CrAZ-M:&tbnh=119&tbnw=124&prev=/images%3Fq%3Dcredit%2Bcard%2Bskimming&hl=en&usg=__8_2s-6znFniVLW7AH5wluOU-OtI=&ei=ogvxSpeUIY7ssQPlqYHFDQ&sa=X&oi=image_result&resnum=4&ct=image&ved=0CBsQ9QEwAw



thing on the let is a skimmer.

[MountainDon]

Chevron/Texaco has started their own scam.  $5 a month to send you a paper bill.  

That sucks, but paper statements are another way to steal your card number. Maybe from the mailbox, maybe somewhere along the way. I quit using paper statements years ago. Ditto for paper bank statements.

[rwanders]

For years we have used a PO Box for all our mail-----safer and the PO will automatically hold our mail safely when we are traveling-----bonus perk is being able to dump the junk mail in their recycle bin and not having to drag it home. It's worth the few $$ for the box.

[NM_Shooter]

Don, have you noticed that a lot of stores now ask you for the last 4 digits of the card?  I bet it is to thwart the skimming issue.  I have also been having more and more folks ask me for ID too. 

I do not like the type of CC that has an RFID installed.  I think that is a disaster waiting to happen.

[MountainDon]

Don, have you noticed that a lot of stores now ask you for the last 4 digits of the card?  

But how many of those cashiers actually ask to see the last 4 digits on the card. Except for the first few weeks at the Lowe's that opened near me last year... nobody. They began by asking to see the card and they would read and enter the last four. That's got some security. But when they ask for the last four and take your word or it... Not much security there.

The RFID's can be read by readers you can buy on ebay.    Depending on who you talk to they are safe or a disater waiting in the wings.  No matter how a thei gets your card info you are still not liable or more than $50, by law. I've lost a few cards and had some fraudulent purchases over the years, but my CC company has never even made me pay that $50, and no it is not, was not the one I worked or. However, it is the big nuisance, the inconveniences I don't like, as well as the act of the theft itself I don't like.

However, if the reassurances of the credit card industry aren't enough to calm your nerves, there are other options. You can get a wallet lined with nickel-impregnated nylon that blocks all RFID transmissions. It works.

[MountainDon]

More on RFID's in credit cards, from  SearchSecurity.com  as subscription site, so I pasted it in below.


QUESTION
Why can't I simply cut out the chip in an RFID credit card? What is the harm? I only want to use the magnetic strip on the back. What would happen if I cut the chip out with a hole puncher?

>    
If you want, you can just drill out the radio frequency identification (RFID) device chip on a credit card. There isn't any harm, and you wouldn't be the first person to have ever done it. The only thing to be careful of is to not damage either the magnetic stripe on the back or the numbers embossed on the front. Damaging these could make the card useless.

With that said, punching the chip out of the card still isn't a good idea. It should be your last choice. There are plenty of other options that are less drastic.

Let's take a quick look at the security issues associated with RFID credit cards.

An RFID is a tiny radio transmitter on a chip. Credit cards with an RFID chip transmit account information, like a name or account number, to a reader at a checkout counter. An RFID credit card is designed to be more convenient than swiping the card's magnetic strip through a reader; someone can easily wave his or her wallet over an RFID reader without even having to take the card out.

Major credit card issuers, like JPMorgan Chase and American Express, have offered RFID cards since 2005. But the chips made headlines last October when researchers at the University of Massachusetts built a machine that could use the card's radio signals to read account information.

The researchers claimed that the RFID chip transmitted account numbers and other sensitive information openly through the air, making them vulnerable to theft. The card companies, however, claimed the data was encrypted and that the researcher's sample -- only 20 cards -- was too small.

Either way, as of this writing, there haven't been any reported breaches caused by malicious users and roving RFID readers. Of course, that doesn't mean RFID-related identity theft won't be a problem in the future.

An option, if you're concerned about RFID credit card safety, is to simply return the card to the issuer and get another card from a different company that doesn't implant its chips.

Another possibility is to purchase the DataSafe Wallet from Kena Kai. The wallet is lined with RF-shielding material, which blocks RFID signals until the card is taken out. The wallet acts like a portable Faraday cage, a common trap for radio signals that normally would be too bulky to carry around in your pocket.

Also, keep in mind that despite the security risks of credit cards, most issuers generally use fraud monitoring systems as another layer of protection; these mechanisms are often invisible to users. If a card is lost or stolen, whether through its radio signals or not, these systems develop a profile of your card usage, detect unusual transactions you normally wouldn't make and then block them.

[waggin]

My concern with drilling the chip out completely or just drilling a small hole to disable it would be that in the cases where you are dealing in person with someone ringing up a sale, they might decline to allow you to use a card if it looks damaged or modified.  Judicious use of a ball peen hammer avoids that issue:

http://wvp.diablops.com/index.php?option=com_content&task=view&id=37&Itemid=1

[Sassy]

We had to get new name tags at work - the same type as the military with RFID chips in them.  Don't have any idea how much info is on them.  The little holder they gave us to put them in is crap - the 1st day I had the tag, it fell out of the holder - thank God it had fallen out in my car.  Another time it fell on the floor in the ER - yeah, real safe   

I don't carry it in my purse as anyone could read it or track my whereabouts that had a reader.  I don't think they are safe at all. 

[peternap]

Make a thin lead case to carry it in Sassy. Next time you're near the Xray room, ask for a scrap of shielding. Get Glenn to hammer it out in a paper thin sheet and just use scissors to cut to size. Fold and crease and you're radio proof.

Now, if I could only find a source for Armadillo shells to make anti mind scanning helmets???

[Sassy]

Thought you needed tinfoil for that 

[MountainDon]

Armadillo helmet

http://www.leisurelakesbikes.com/product/metarmadillohelmet.aspx?&id=8524

[Don_P]

RF mood rings, the nurse says you need your shot now