We recently stayed at Twin Falls 93 RV Park. Upon checking in, the manager swiped my credit card and received an authorization number okaying the charge. She then proceeded to write down my card number , expiration date and "secret number" (from the back of the card) on my registration form. This form includes my name, address and phone number. At the time she did it, I thought it was odd, but I was awake all night worrying about how the info could be used. The office was not particularly secure and people likely are in and out, plus the managers are probably not around 24/7. In the morning I emailed them asking them to destroy my credit card info and they said they would, however I am sure they will continue to collect the info from others. Please guard your credit card info and refuse attempts to keep permanent record of your info.
It certainly wasn't worth losing sleep over. When you swipe your card, a copy of the number is kept for them anyway. Under the old imprint (knucklebuster) machines the merchant kept a copy with your signature on it. Now they keep a slip of paper with your signature on it or an electronic signature. They also contain your number, expiration date, and 3 digit number. Merchants need this information in case of a dispute which can happen. The first thing the credit card company wants is the signature and the 3 digit number to prove you were there. Disputes do happen and just because you swipe your card doesn't mean you get the money. The card holder has up to 60 days to dispute. This is just the cost of doing business in the modern world. If this is scary, you can always pay cash, but that has it's problems also. The main cause of credit card fraud is when someone takes your card away and swipes it with a card reader. Just takes a second. Your best defense is to always check your bill carefully and quickly.
QUOTE(Lindsay Richards @ Nov 11 2012, 01:09 PM) [snapback]31861[/snapback] It certainly wasn't worth losing sleep over. When you swipe your card, a copy of the number is kept for them anyway. Under the old imprint (knucklebuster) machines the merchant kept a copy with your signature on it. Now they keep a slip of paper with your signature on it or an electronic signature. They also contain your number, expiration date, and 3 digit number. Merchants need this information in case of a dispute which can happen. The first thing the credit card company wants is the signature and the 3 digit number to prove you were there. Disputes do happen and just because you swipe your card doesn't mean you get the money. The card holder has up to 60 days to dispute. This is just the cost of doing business in the modern world. If this is scary, you can always pay cash, but that has it's problems also. The main cause of credit card fraud is when someone takes your card away and swipes it with a card reader. Just takes a second. Your best defense is to always check your bill carefully and quickly. Well, no, I'm looking at a receipt and it includes the last four digits of the card number and the authorization number. No other useful info. When swiping the card, the machine sometimes asks for the 3-digit code, but it's usually only required for phone orders when the cardholder isn't present. The credit card company obviously has all my info in case of a dispute but the merchant shouldn't have it for an in-person transaction.
We would never consider writing down all that information. We have the copy of the paper you sign with the last 4 digits on it but there is no other private information on it that anyone else can see. I would never agree to let anyone write that information down. I have had people call me with their number when they needed to extend their stay and many times they offer to give me that secret number but I refuse it. I do not need it and do not want it.
QUOTE The credit card company obviously has all my info in case of a dispute but the merchant shouldn't have it for an in-person transaction. I have been out of the business for 6 years now, but this was definitely not true when we were doing credit cards. We had the entire number. The entire number is in the machine and could be retrieved during batch out. This is old information and this is a quickly moving business, but there was not a wide spread problem with fraud back then. Once again, your best protection is to check your statement quickly and report any overages. There are also some automatic protections done by the computer at the credit card processor. When we were recently at my wife's reunion, divided up the total bar tab and we each had to pay $11.55. I owed it three times (wife and sister-in-law). He ran the card 3 times for that amount one after the other. The bank disallowed 2 of them thinking it was fraud. I spent about 30 minutes with them trying to get them reinstated them but couldn't. I was never charged. Felt bad. It is far from a perfect system and it is up to the card holder to be sure.
QUOTE(Lindsay Richards @ Nov 12 2012, 09:49 AM) [snapback]31868[/snapback] I have been out of the business for 6 years now, but this was definitely not true when we were doing credit cards. We had the entire number. The entire number is in the machine and could be retrieved during batch out. This is old information and this is a quickly moving business, but there was not a wide spread problem with fraud back then. Once again, your best protection is to check your statement quickly and report any overages. There are also some automatic protections done by the computer at the credit card processor. When we were recently at my wife's reunion, divided up the total bar tab and we each had to pay $11.55. I owed it three times (wife and sister-in-law). He ran the card 3 times for that amount one after the other. The bank disallowed 2 of them thinking it was fraud. I spent about 30 minutes with them trying to get them reinstated them but couldn't. I was never charged. Felt bad. It is far from a perfect system and it is up to the card holder to be sure. You are right, there are ways for the merchant to retrieve the full credit card number from a transaction. In your case of three charges, the problem was not that the processor thought there was fraud, it was that all the systems now have protection in place to prevent accidental multiple transactions. The system just thought the merchant accidentally ran the charge again. Happens a lot now that most credit card systems process over the internet. People just think it didn't go through the first time (which happens often) and they run it again. The guy could have easily gotten around that problem by charging a penny more and a penny less for the other two bills.
I had a problem a few years ago, a few days after using the card in a store, about 300 dollars was paid from my card to some online casino. After that I have had my 3 digits covered with a small piece of white tape/sticker. Never had a problem paying with the card in stores/campgrounds, even though they now can't read my 3 digits.
My primary concern was having the number, expiration date and 3-digit code, along with my name, address and phone number written down on a very unsecure piece of paper. I don't know what info is available to a merchant via a batch process, but I felt it more likely someone would steal the registration cards.
When we sold our business, I had at least 10,000 saved credit card slips that I had saved. They were stored in shoe boxes by date. We waited 3 years to clear out the expiration dates and then hosed them down and put them in the trash. Should have shredded them, but we didn't. Some were before the advent of the 3 diget code, some after. It was amazing how much debt some folks had. We would have people have 3 credit cards decline and then ask if I would take a check. Duh. I remember one fellow with declines that said, "Oh, I made room on the Discover card." This guy had $10,000 on three different cards and paid off one of them down $150 to pay us. When I charged tax, it made the card decline. These kids were buying a chicken sandwich and putting it on a 19% interest card forever. Where were the parents and schools?
The OP's concern is well-founded. The "secret code" (technically called a CVC2 or CVV2 IIRC) is not automatically collected by the merchant from swiping the card because it is not encoded on the mag strip. Further, at least in the case of Visa the merchant who does a "card not present" transaction, the type where the three-digit code is used, is not even allowed to keep that code in his files once the transaction is completed. That code is only for the purpose of being able to accept the card when the buyer is not present, i.e. internet, phone, and similar transactions where it is a second security key. It should never become involved where there is a physical swipe of the card. For a face-to-face merchant to take down that number, much less keep it on file, constitutes a potential security breach.
One other concern fellow campers should be concerned about is when the campground has to phone in the credit card number when their machine is out of commission. This happened to us about 5 years ago in California. Office staff used a cell phone to call in the credit card number (including the security 3 digit number). Next day my credit card was declined at a grocery store and gas station and I called the credit card company to find out why. Apparently someone must have intercepted the credit card number from the cell phone transmission and was using it to pay for Vonage calls to Somalia. So my credit card was suspended and a new one Fedexed out to my next campground. I won't ever allow anyone to call in my credit card number on a cell phone ever again.
QUOTE(Glenn Norton @ Nov 15 2012, 12:18 AM) [snapback]31912[/snapback] One other concern fellow campers should be concerned about is when the campground has to phone in the credit card number when their machine is out of commission. This happened to us about 5 years ago in California. Office staff used a cell phone to call in the credit card number (including the security 3 digit number). Next day my credit card was declined at a grocery store and gas station and I called the credit card company to find out why. Apparently someone must have intercepted the credit card number from the cell phone transmission and was using it to pay for Vonage calls to Somalia. So my credit card was suspended and a new one Fedexed out to my next campground. I won't ever allow anyone to call in my credit card number on a cell phone ever again. Since the change over to digital encrypted cell service, interception of cell signals is extremely difficult to accomplish. You're much more likely to be compromised by the person on one end of the connection or the other, regardless of the connection method.
The bottom line here is that in our society, there is still a risk to using a credit card for anything. Even paying your electric bill online can be a problem. We all have two options, we can pay cash or we can use credit cards and use due diligence in keeping up with our accounts and making sure that any discrepancies are found and corrected immediately. The thieves are very clever and very computer savey. I bank online and check them daily over the internet. I enter all receipts into Quicken and check off the bills as they come in. If there is a problem, I know right away and get it corrected.
QUOTE The bottom line here is that in our society, there is still a risk to using a credit card for anything. There certainly is a risk of the card being compromised. Our winter neighbor is a detective with a major law enforcement agency fraud division specializing in credit card fraud. He tells me that his agency estimates that 65%-75% of all valid cc numbers are available from online sellers, including the corresponding addresses and ccv numbers. They are evidently so available that selling prices are very low. According to him and what I have read, cards could be made more secure but the cost to do so would be higher than what financial institutions lose to fraud. Most of the cost of fraud is passed to us as fees, etc., anyway. What I read says the extra security would add a few seconds to each transaction and consumers would balk and go to institutions with lesser security and faster transactions. The risk of personal loss with a compromised credit card is extremely low. Most cardholders pay nothing when their card is used fraudulently. DW travels extensively domestically and overseas, and we travel for six months in the motorhome. Most of our spending is via cards. No matter how carefully we watch our cards, every other year or so we end up with one of our cards compromised and get a call from the security department from the card company. The last time someone used the number to charge several thousand dollars worth of plane tickets to places like Riyadh and Tehran. The cards were quickly cancelled and new ones delivered to us by noon the next day - last year the courier actually met us at a highway rest stop with the new cards. Unless you are using cards for automatic payments where you have to call and change the info to the vendor, there really is not even much hassle when a card is compromised. IMO, yes there is risk, and a lot could be done to change the sytem, but that is beyond my control. We are very careful, but certainly would not lose sleep worrying about what might happen if the numbers got in the wrong hands.
QUOTE(Lindsay Richards @ Nov 16 2012, 12:33 PM) [snapback]31916[/snapback] The bottom line here is that in our society, there is still a risk to using a credit card for anything. Even paying your electric bill online can be a problem. We all have two options, we can pay cash or we can use credit cards and use due diligence in keeping up with our accounts and making sure that any discrepancies are found and corrected immediately. The thieves are very clever and very computer savey. I bank online and check them daily over the internet. I enter all receipts into Quicken and check off the bills as they come in. If there is a problem, I know right away and get it corrected. But of course paying with cash brings its own risks. Cash can easily be lost or stolen. There are also hassles of getting cash -- if you don't use any card, you need to go to the bank and get cash across the counter, and the less cash you want to risk carrying the more frequently you have to go. You can use a debit card at an ATM, or for extra cash when you do a transaction at a store, but then you're back to using plastic in order to use cash! Clearly going principally to cash is not a viable option for most of us, especially when traveling around in our RVs. Keep in mind that even in the case of fraud, you're total loss is limited to $50 in most cases provided you haven't been negligent. Generally you won't even have to pay that. And the CC companies are pretty good at spotting potentially fraudulent use, too good in fact since it's a pain when they put a hold on your card for things like buying gas in two different states within a short time period. Modern living.
I stopped carrying change about 5 years ago. I carry bills, but never have any change in my pocket. I pay for everything with my debit card. All my bills are paid online. Every once and a while I I write a check. We keep quarters in the cars and my wife has a whole Tupperware dish of quarters for washers and dryers when we camp. We took the motor home through a toll road in Orlando yesterday and I asked the lady for $5 worth of quarters. Right into the Tupperware it went. I put all receipts into Quicken electronic check book and check my online account every morning. This works well for us.
QUOTE(Lindsay Richards @ Nov 18 2012, 10:45 AM) [snapback]31938[/snapback] I stopped carrying change about 5 years ago. I carry bills, but never have any change in my pocket. I pay for everything with my debit card. All my bills are paid online. Every once and a while I I write a check. We keep quarters in the cars and my wife has a whole Tupperware dish of quarters for washers and dryers when we camp. We took the motor home through a toll road in Orlando yesterday and I asked the lady for $5 worth of quarters. Right into the Tupperware it went. I put all receipts into Quicken electronic check book and check my online account every morning. This works well for us. My wife too has that tupperware thing full of quarters. She loves doing laundry, anyplace, anytime. I generally pay cash for things under $25 or so, depending on my mood. But I use a credit card not a debit card for the most part. I like the float. But I never fail to pay in full when the bill is due, using my bank's free bill payer service of course.
We use BOA credit/debit card and there isn't much float. I can make a purchase and drive right home and check my online banking records and it is already out of my account. The only exception seems to be when at a restaurant. The meal comes out immediately, but it is conditional and if you leave a tip on the card, it can take 3 or 4 days for the tip to comes through. We usually leave the tip in cash to avoid confusion. Being a waiter back in the last century, I am a good tipper. I have gotten over that foolish feeling of putting $2 on the card. I really like Quicken as it is just like an electronic check register, but puts everything into categories, so you can keep a good handle on what you are spending. There are also free similar versions of this type of program. I also have Carbonite online backup, so all records are out in the "cloud" if the computer dies.
