10 Tips for Safe and Private Holiday Shopping

As the holidays approach, consumers are more likely to be visiting crowded stores and malls.  Scam artists and fraudsters know this, so they are likely to be lurking there too.  Privacy Rights Clearinghouse is pleased to offer these helpful tips to protect yourself during this often hectic holiday season:

  1. Clean out your wallet, purse, or pocketbook. Remove unnecessary credit cards, debit cards, your Social Security card, and other unneeded documents that could compromise your identity if lost or stolen while shopping.  Keep them locked up in a safe place.  Pickpockets will be out in force during the holiday season.  The more documents that you carry with you, the more difficult and time-consuming it will be to report and recover from your loss.  If the worst should happen, and your wallet, purse, or pocketbook is stolen, see our “Identity Theft Victims Guide” at http://www.privacyrights.org/fs/fs17a.htm
    • Make sure that the credit card receipts that you receive from merchants do not contain your full account number. Under federal law, all electronically printed credit and debit card receipts must shorten (truncate) the account information to no more than the last five digits of the card number.  The receipt must also not include the card’s expiration date.  This only applies to electronically printed receipts, not to handwritten or imprinted ones. It does not apply to transaction records retained by the merchant. 
      • Some states have laws that dictate what kind of information merchants cannot ask for or write down when a consumer pays with a check or credit card.  For example, in California, when a consumer pays with a credit card, the merchant cannot record any personal information other than what is on the front of the credit card.  When a consumer pays by check, the merchant cannot record the credit card number.  For more information and exceptions to the law, see “Paying by Credit Card or Check: What Can Merchants Ask?” at http://www.privacyrights.org/fs/fs15-mt.htm
        • Be aware of a stores return policy.  Some retailers require a state issued ID or license when you return or exchange merchandise. Typically, stores swipe the shopper's driver's license when a return is being made, and if the store's return limit is exceeded, the customer's return is denied   Retailers do this to keep better track of possible return fraud.  Some retailers maintain their own database while others use a third-party service. A number of national merchants outsource the collection of return and exchange data to a company called The Retail Equation (formerly The Return Exchange). If you make repeated returns or exchanges to a participating merchant, subsequent returns to that merchant’s stores may be refused. 
          • If you decide to purchase a gift card, be aware of expiration dates, fees, and what will happen if the card is lost.  Many states have passed laws regulating gift cards. Often these laws set the same standards for gift certificates, the paper equivalent of gift cards. However, these laws generally do not give you a right to recover from a lost or stolen card. Rather, most state laws cover such things as service fees, expiration dates, and exempt the cards from unclaimed property laws. For a list of state laws governing gift cards, visit the National Conference of State Legislators’ Web site, www.ncsl.org/programs/banking/GiftCardsandCerts.htm .  In California, most gift cards cannot have expiration dates or service fees. However, the California gift card law is complex and does not apply to all gift cards.  For additional information, please see our online information on Gift Cards, Prepaid Cards, and  Stored Value Cards at http://www.privacyrights.org/fs/fs32-paperplastic.htm#5
              1. Don’t use a debit or check card to pay for your purchases.  These cards typically put consumers at much greater risk than credit cards because they offer fewer consumer protections in the event of a loss. And because these cards access funds directly from your bank account, your money will remain missing while you and your bank sort out any theft, which could mean bounced checks, late fees, and numerous other problems.  Some crooks have learned to use “skimming” devices to steal card information off merchant card-swipe machines.  Debit or check cards pose a substantially greater risk to consumers in the event that a card swiping device is “skimmed.”  We discuss the shortcomings of debit cards in great detail in our guide “Paper or Plastic: What's the Best Way to Pay?” at http://www.privacyrights.org/fs/fs32-paperplastic.htm
                1. Don’t forget to take simple precautions to protect your personal safety.  Men can carry their wallets in a front pocket, which is less susceptible to pickpocketing.  Women can place their purse strap over their head and across their chest.  When shopping at night, park in a well-lit area. Be careful getting into and out of your car at the shopping mall -- people are sometimes targeted by muggers when doing so.
                  1. When shopping online, make sure that the Web site uses encryption technology before you provide your personal information.  Encryption scrambles the information you send, such as your credit card number, in order to prevent computer hackers from obtaining it en route. You can tell when you are on a secure web page several ways.  If you look at the top of your screen in the address bar where the Web site address is displayed, you should see https://. The "s" that is displayed after "http" indicates that web site is secure. You may not see the "s" until you are actually on the order page on the Web site.  Another way to determine if a Web page is secure is to look for a closed padlock displayed at the bottom of your screen.  If that lock is open, you should assume it is not a secure site.  Finally, if you use the Firefox browser, the entire address bar will turn yellow if you are on an encrypted page.  In Internet Explorer 7, the address bar will turn green if the page is encrypted.
                    1. The safest way to shop on the Internet is with a credit card. In the event something goes wrong, you are protected under the federal Fair Credit Billing Act. You have the right to dispute charges on your credit card, and you can withhold payments during a creditor investigation. When it has been determined that your credit was used without authorization, you are only responsible for the first $50 in charges. You are rarely asked to pay this charge. We recommend that you obtain one credit card that you use only for online payments to make it easier to detect wrongful credit charges. Make sure your credit card is a true credit card and not a debit card, a check card. A debit or check card exposes your bank account to thieves. Your checking account could be wiped out in minutes. Further, debit and check cards are not protected by federal law to the extent that credit cards are.   For additional information, please see our online guide “Paper or Plastic: What's the Best Way to Pay?” at http://www.privacyrights.org/fs/fs32-paperplastic.htm.
                      1. Finally, be sure to check out a Web site’s privacy policy before providing any personal information online.  You can also learn what type of information is gathered by the Web site, and how it is — or is not — shared with others by reading its privacy policy. A link to the privacy policy is often found at the bottom of the site’s home page.  You can also look for online merchants who are members of a seal-of-approval program that sets voluntary guidelines for privacy-related practices, such as TRUSTe (www.truste.org), Verisign (www.verisign.com), or BBBonline (www.bbbonline.org).   For additional information, please see our online Fact Sheet “Online Shopping Tips: E-Commerce and You” at http://www.privacyrights.org/fs/fs23-shopping.htm.