Twice, in the last six months, I’ve received the dreaded notification:
We continuously monitor ATM, debit and credit card transactions to look for out-of-pattern activity that might be potential fraud, as well as information from outside companies about account compromises at undisclosed merchants or service providers.
Your card was part of one of these compromises. This does not mean fraud has or will occur on your account. We’re simply taking precautionary steps to help protect your account.
Long story short, a new card is on it’s way to you.
Now I appreciate that my bank is monitoring my account, I really do. But what I don’t appreciate is their lack of transparency. Because all I really want to know is who are these “undisclosed merchants or service providers”?
It is so frustrating that the banks won’t tell you who these merchants are! I mean, I get why the merchants don’t want you to know, but it seems awfully unfair to the consumer. Don’t we have a right to know if a service provider we frequent is getting hacked or is lacking in security measures? Don’t the banks have a responsibility to their customers — you know, the regular Joes who are NOT million-dollar conglomerates?
Because to have this happen twice in such a short time frame makes me suspicious that it’s the same vendor. But I honestly have no clue who it could be.
Ranting aside, getting a new debit card when you conduct so much of your life online also means figuring out ALL the places where you’ve saved your information.
Gym membership
Magazine subscription auto-renewals (a big deal for me, as you know)
EZ Pass
My son’s school lunch program
Amazon.com
And the list goes on and on.
When this first happened six months ago, I created an encrypted document listing all the places where my debit card information is saved and what the login and password info is for those accounts — kind of like how they say to make photocopies of everything in your wallet so you know who to call for a new card replacement, for example, if your wallet is stolen.
So here’s my advice: If you do any sort of online transactions or purchases, make a list of that includes the URL for each and your login info (if you have different logins and passwords for each account). And (this goes without saying) encrypt it or keep it in a safe place.
For example, EZ Pass requires a user name AND a password AND a PIN. Who the heck is going to remember that?
And my gym membership goes through a finance company whose name is in no way connected to my gym, so I’d have to go dig up my membership application to get that information. Trust me, this one is first on my list. I forgot about the gym the first time my card was compromised, so when they went to charge my monthly fee, my card was rejected and I was charged a $30 late fee. Grrrrr.
Think more broadly beyond just where you go shopping — don’t forget any sort of monthly or automated subscriptions (Birchbox, Stitch Fix), or accounts where money is automatically added when you reach a certain level (EZ Pass, Buddy’s school lunches).
Having this information on-hand made the whole process of updating my accounts MUCH less painful this time around. Although it’s unfortunate (and annoying) that we have to do it at all.
Or we could always just move to using all cash. Just sayin’.