YOU ARE HERE: LAT HomeCollections

Credit or debit? Tips for fighting ID theft

One type of transaction offers more protection than the other against unauthorized users.

March 30, 2007|David Colker and Alana Semuels | Times Staff Writers

You didn't get just low prices at T.J. Maxx and Marshalls, you also had a good chance of getting your credit card information and other personal data stolen.

You can hardly live without credit and debit cards these days, but there are steps that can be taken to ward off the perils of identity theft, privacy experts say, even if caused by a giant information leak from some remote, windowless computer center.

The stakes are high. Nationally, fraud losses to existing credit and debit card accounts totaled $20 billion last year, according to Javelin Strategy & Research.

In the latest major breach, TJX Cos., the parent of T.J. Maxx and Marshalls, has said that at least 45.7 million credit and debit card numbers -- a record -- were stolen from its computers in 2005 and 2006.

For shoppers, the first step in protecting personal data has to do with the answer to the perennial supermarket checkout question, "Credit or debit?"

"We tell people to stop using debit cards for shopping," said Beth Givens, director of the nonprofit Privacy Rights Clearinghouse in San Diego. "If you are a victim of someone who uses your debit card data, the money comes immediately out of your bank account."

That's what happened to Marilyn Key of Pasadena when she was on vacation in Europe.

"I usually use my credit card," she said. "I just use my debit card for little things."

One of those times was at a small market on her trip. "I only found out that the information on the card had been stolen when I had no money left in my account," Key said.

In all, $4,000 was stolen. She eventually got it all back from the card issuer.

But in some cases, that can take weeks.

"We have heard of cases when the bank says it has to investigate the loss," Givens said. "The victim might be left broke while that's taking place."

That doesn't happen with credit cards because purchases initially are funded by the card issuer. As a result, the victim usually doesn't pay out the money before noticing the loss.

Another problem with debit cards is that the laws governing them in case of theft are less protective than for credit cards. The rules are especially tough on procrastinators.

The debit card holder is responsible for losses of as much as $50 if the financial institution is notified of the theft within two days of it being discovered. After that, the user is responsible for losses of as much as $500.

And if the theft isn't reported within 60 days, the debit card holder is legally responsible for all losses after that period.

In contrast, the maximum loss that the victim of a credit card theft will suffer is $50, as long as the loss is reported within 60 days.

In some cases, a thief can gain access to more than credit card numbers. This could be the case with laptop computers recently stolen from Los Angeles County offices. This week, 244,000 people in the child support system were notified that personal data, including Social Security numbers, could have been exposed.

That information can be used to create new accounts in a victim's name.

This crime -- which was responsible for nearly $18 billion in losses last year, according to Javelin -- is particularly insidious because the victim might not even know that the fraudulent accounts have been created.

The first indication often doesn't come until collection agencies start calling to demand payment for items the victim has never heard of.

California was a pioneer in allowing a resident to freeze access to credit reports, thus dramatically curbing the unauthorized creation of new accounts.

The first-of-its-kind law, which went into effect in 2003, directs that for $30, an individual can bar the three major credit bureaus from giving out any credit history information. It's unlikely any bank, card issuer or lending institution will open an account without that data.

It can be awkward, however, when the person who put the chill on the reports has a legitimate reason for that information to be shared -- say for buying a car, applying for a mortgage or getting a new credit card. Then it costs as much as $30 to temporarily make the credit data available.

Key's main defense against ID thieves was to use her credit card only for purchases.

That's what she was doing Thursday afternoon when shopping at T.J Maxx in La Canada. Leaving the store with several bags, Key, 55, said it didn't bother her to be patronizing one of the retailers at the center of the latest breach of personal data.

"I doubt," she said, "I would stop shopping here."

Aroug Hart, 54, of Glendale, also wasn't too worried as she shopped at the same store.

"These days anyone can steal your information," said Hart, who is a professional skin-care specialist. "It's more convenient to give a card."



Warding off theft

Fighting ID fraud

* Carry only the credit, debit and identification cards that you use regularly.

* Don't carry your Social Security number.

Los Angeles Times Articles