The Business-Technology Weave

Jul 13 2011   1:05PM GMT

Information Privacy and Bank Debit Cards



Posted by: David Scott
Tags:
ATM cards
ATM machines
bank breach
bank card breach
bank card data
bank card security
bank cards
bank fraud
bank PIN numbers
bank security
credit card
credit card breach
credit card data
financial institution
financial institution security
financial security
financial system
PIN numbers
US mail

 

An interesting thing happened to me on the way back from my mailbox the other day.

 

But first:  I had a debit card that was getting increasingly difficult to use.  The magnetic stripe on the back had a scratch on it, and I often had to swipe it three or four times to get it to read.  So, I called the bank and requested a new one.  I haven’t had to replace a card in a long, long time.  I figured the new one would come with instructions to call a number for “activation.”

 

Interestingly (well, at least to me), when the card showed up, the accompanying letter made no mention of any need for activation.  It did take care to tell me the card could be used at “millions of Visa ® merchant locations.”  It talked about “free access to cash” at qualifying ATMs.  Further, the letter was so helpful in telling any recipient that $300 cash was available each day, as was $1,500 in purchases.

 

Representing the most help, perhaps (particularly for thieves), was this informative sticker on the card itself!  [Capitalization is exactly as on the sticker] –

 

 

IMPORTANT NOTICE

This debit card works at all Visa merchant locations.

Press the CREDIT button and DO NOT INPUT YOUR PIN.

Funds will be deducted from your checking account

and there will be no transaction fee.

 

It really is nice not to have to fuss with a PIN.  But here, we’re at a point of diminishing return:  By making the card easier to use for the consumer, we’re also opening a very insecure avenue, yielding a breach potential:  Unauthorized use of the card for THEFT.  [Those caps are all mine].

The letter had a 1-800 customer service number and I called it.  I wanted to confirm that the card was ready to use, absent any proactive activation on my part.  The representative confirmed two things:  1)  The card was ready to use, and 2)  that, upon my direct query, the card indeed had been ready all along, as delivered to my mailbox.

Couple worrisome things here.  There have been times, not too often but more than a few, where my neighbor’s mail has been delivered to my mailbox.  In fact, this has happened at several addresses I’ve had over the years.  I’m sure there has been mail of mine delivered elsewhere – in fact, I remember people walking stuff over here and there.  

In the event this card had been placed in the wrong mailbox, there is the possibility that someone would be tempted to take the card and use it.  The envelopes for these cards do not disguise the fact that they contain a card – you can readily feel a card just by picking up the envelope.  Consider too that someone could tear an envelope open without noticing it’s meant for someone else (in fact, I’ve done it).  Once open, there’s a nice sticker advertising the fact that you hold free money in your hand.

Of course, with all of the surveillance systems today, it would be distinctly unwise to use someone else’s card without authorization.  But that doesn’t preclude kids, or stupid people, or even someone adopting a disguise and walking up to a machine, from gaining some ready cash… from… you.

I don’t like it.  What do you think?  Aren’t we supposed to be getting tighter as regards security?

Also, keep this in mind:  Removing the need to call and authorize/activate a card takes a bit of a burden off the financial institution.  But… presumably any burden regarding security is something a bank is precisely supposed to be offering. 

Call it a service.   :^ )

 

On this day:  In 1836, U.S. Patent #1 is granted for locomotive wheels (after 9,957 unnumbered patents).

 

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: