Shopping Online: Tips for Improving Credit Card Security

The most common security concern for credit cards in their early days was having a card stolen.  In those early days, a credit card thief was either an excellent pickpocket, a person who simply discovered a dropped card, or someone who cleverly plucked carbon receipt papers from merchants’ trash.

Then along came the internet and electronic bill payment systems. Today, credit card thieves are more covert than ever. Instead of hustling people for card information or combing through parking lots looking for dropped cards, they bypass cards and card holders altogether, and focus on acquiring personal information and credit card information by breaching the databases of retailers or other organizations.

For example, the Internal Revenue Service (IRS) experienced a breach in 2015 that resulted in 700,000 personal records being stolen. The Russian hackers who perpetrated the scam reportedly did so to use names from the database to file fraudulent tax returns. 

Given the many data breaches that have plagued companies and organizations in the past few years — including the U.S. Department of Justice, UC Berkeley, University of Central Florida, Snapchat, Yahoo!, Wendy’s, and Premier Healthcare — consumers can’t be too careful with payment card data, especially when using it in a card-not-present environment, such as purchases made online and by phone.

Tips for Improving Security

If big businesses and organizations fail at keeping credit card data safe, what chance does the average consumer have? The answer depends on how vigilantly a person monitors online payment security. When you use the three monitoring strategies below, your credit card data is much safer.  

  1. Decide if a Website is Real

Building fraudulent websites that imitate well-respected sites is a common tactic for stealing credit card information. Before submitting card information to a site, check to see if it has any of the following characteristics that are indicative of illegitimate websites: no physical address or phone number listed, no return policy, inexplicably low prices, and no privacy statement that tells you how your personal information is handled.

  1. Look for SSL Certification

When you arrive at a merchant’s website, look at the URL in the search window at the top of your browser. Does it start with “http” or “https”? If it starts with https, you’ve arrived at a site secured using what is known as a SSL certificate, which protects your data as it moves from your browser to the server of the website.

There are different levels of SSL certification. Extended Validation (EV) certification is the highest level. You can identify an EV-certified site by looking at the web address bar. The merchant’s name usually appears in green, with a lock symbol at the beginning of the bar. This is the type of merchant website you want to do business with.                                      

  1. Consolidate Your Cards                                                 

If your pocketbook is bursting with credit cards, consolidating them into a single card that’s accepted everywhere is another important security measure. Vigilantly managing account activity for multiple cards can be difficult, making it easier to become a victim of theft you don’t realize until later. In fact, if the amount stolen is small — a current trend among payment card fraudsters — you may not realize the loss at all.

This is why we recommend using our American Eagle VISA card that offers the latest payment card security features. This card makes your in-store purchases more secure and makes it easier to track account activity by managing a single card instead of multiple cards.

Contact Us Today

To learn more about American Eagle Credit Union’s line of secure VISA cards and other products and services, please call us today at (800) 325-9905, or send us an email through the contact form on our website. We look forward to hearing from you and seeing how we can help you improve credit card security.


Thank you for your thoughts and comments on this blog topic. We welcome hearing from you. For your security, please do not to request transactions to your account in your comments. Additionally, do not include confidential information in your comments as this communication is not a secure channel for transmission.