The Times Australia
The Times World News

.

How risky is it to give card details over the phone and how do I reduce the chance of fraud?

  • Written by Paul Haskell-Dowland, Professor of Cyber Security Practice, Edith Cowan University
Close up of a hand entering pin code at an ATM

Paying for things digitally is so common, most of us think nothing of swiping or tapping our card, or using mobile payments. While doing so is second nature, we may be more reluctant to provide card details over the phone.

Merchants are allowed to ask us for credit card details over the phone – this is perfectly legal. But there are minimum standards they must comply with and safeguards to protect consumer data.

So is giving your card details over the phone any more risky than other transactions and how can you minimise the risks?

How is my card data protected?

For a merchant to process card transactions, they are expected to comply with the Payment Card Industry Data Security Standard[1]. This is a set of security requirements designed to protect cardholder data and the trillions of dollars of transactions each year.

Compliance involves various security measures (such as encryption and access controls) together with strong governance and regular security assessments.

If the information stored by the merchant is accessed by an unauthorised party, encryption ensures it is not readable. That means stealing the data would not let the criminals use the card details. Meanwhile, access controls ensure only authorised individuals have access to cardholder data.

Though all companies processing cards are expected to meet the compliance standards, only those processing large volumes are subject to mandatory regular audits. Should a subsequent data leak or misuse occur that can be attributed to a compliance failure, a company can be penalised[2] at levels that can escalate into millions of dollars.

These requirements apply to all card transactions, whether in person, online or over the phone. Phone transactions are likely to involve a human collecting the card details and either entering them into computer systems, or processing the payment through paper forms. The payment card Security Standards Council has detailed guides for best practice[3]:

A policy should be in place to ensure that payment card data is protected against unauthorised viewing, copying, or scanning, in particular on desks.

Although these measures can help to protect your card data, there are still risks in case the details are misplaced or the person on the phone aren’t who they say they are.

Read more: AI scam calls imitating familiar voices are a growing problem – here's how they work[4]

Basic tips for safe credit card use over the phone

If you provide card details over the phone, there are steps you can take to minimise the chance you’ll become the victim of fraud, or get your details leaked.

1. Verify the caller

If you didn’t initiate the call, hang up and call the company directly using details you’ve verified yourself. Scammers will often masquerade as a well-known company (for example, an online retailer or a courier) and convince you a payment failed or payment is needed to release a delivery.

Before you provide any information, confirm the caller is legitimate and the purpose of the call is genuine.

2. Be sceptical

If you are being offered a deal that’s too good to be true, have concerns about the person you’re dealing with, or just feel something is not quite right, hang up. You can always call them back later if the caller turns out to be legitimate.

3. Use secure payment methods

If you’ve previously paid the company with other (more secure) methods, ask to use that same method.

4. Keep records

Make sure you record details of the company, the representative you are speaking to and the amount being charged. You should also ask for an order or transaction reference. Don’t forget to ask for the receipt to be sent to you.

Check the transaction against your card matches the receipt – use your banking app, don’t wait for the statement to come through.

Close up of a hand entering pin code at an ATM
Cancelling your card is a hassle, but it’s the best way to prevent further funds being stolen from your account. Eduardo Soares/Unsplash[5]

Virtual credit cards

In addition to the safeguards mentioned above, a virtual credit card[6] can help reduce the risk of card fraud.

You probably already have a form of virtual card if you’ve added a credit card to your phone for mobile payments. Depending on the financial institution, you can create a new credit card number linked to your physical card.

Some banks extend this functionality to allow you to generate unique card numbers and/or CVV numbers (the three digits at the back of your card). With this approach you can easily separate transactions and cancel a virtual card/number if you have any concerns.

What to do if you think your card details have been compromised or stolen?

It’s important not to panic, but quick action is essential:

Screenshot of on-line banking app showing card settings Example credit card restrictions in a banking app. Author provided
  • call your bank and get the card blocked so you won’t lose any more money. Depending on your situation, you can also block/cancel the card through your banking app or website

  • report the issue to the police or other relevant body

  • monitor your account(s) for any unusual transactions

  • explore card settings in your banking app or website – many providers allow you to limit transactions based on value, restrict transaction types or enable alerts

  • you may want to consider registering for credit monitoring services[7] and to enable fraud alerts.

So, should I give my card details over the phone?

If you want to minimise risk, it’s best to avoid giving card details over the phone if you can. Providing your card details via a website still has risks, but at least it removes the human element.

The best solution currently available is to use virtual cards – if anything goes wrong you can cancel just that unique card identity, rather than your entire card.

References

  1. ^ Payment Card Industry Data Security Standard (docs-prv.pcisecuritystandards.org)
  2. ^ company can be penalised (www.csoonline.com)
  3. ^ detailed guides for best practice (docs-prv.pcisecuritystandards.org)
  4. ^ AI scam calls imitating familiar voices are a growing problem – here's how they work (theconversation.com)
  5. ^ Eduardo Soares/Unsplash (unsplash.com)
  6. ^ virtual credit card (www.forbes.com)
  7. ^ credit monitoring services (theconversation.com)

Read more https://theconversation.com/how-risky-is-it-to-give-card-details-over-the-phone-and-how-do-i-reduce-the-chance-of-fraud-216833

Times Magazine

DIY Is In: How Aussie Parents Are Redefining Birthday Parties

When planning his daughter’s birthday, Rich opted for a DIY approach, inspired by her love for drawing maps and giving clues. Their weekend tradition of hiding treats at home sparked the idea, and with a pirate ship playground already chosen as t...

When Touchscreens Turn Temperamental: What to Do Before You Panic

When your touchscreen starts acting up, ignoring taps, registering phantom touches, or freezing entirely, it can feel like your entire setup is falling apart. Before you rush to replace the device, it’s worth taking a deep breath and exploring what c...

Why Social Media Marketing Matters for Businesses in Australia

Today social media is a big part of daily life. All over Australia people use Facebook, Instagram, TikTok , LinkedIn and Twitter to stay connected, share updates and find new ideas. For businesses this means a great chance to reach new customers and...

Building an AI-First Culture in Your Company

AI isn't just something to think about anymore - it's becoming part of how we live and work, whether we like it or not. At the office, it definitely helps us move faster. But here's the thing: just using tools like ChatGPT or plugging AI into your wo...

Data Management Isn't Just About Tech—Here’s Why It’s a Human Problem Too

Photo by Kevin Kuby Manuel O. Diaz Jr.We live in a world drowning in data. Every click, swipe, medical scan, and financial transaction generates information, so much that managing it all has become one of the biggest challenges of our digital age. Bu...

Headless CMS in Digital Twins and 3D Product Experiences

Image by freepik As the metaverse becomes more advanced and accessible, it's clear that multiple sectors will use digital twins and 3D product experiences to visualize, connect, and streamline efforts better. A digital twin is a virtual replica of ...

The Times Features

What Makes Certain Rings or Earrings Timeless Versus Trendy?

Timeless rings and earrings are defined by designs that withstand the test of time, quality craftsmanship, and versatility. Trendy pieces, on the other hand, often stand testimony ...

Italian Street Kitchen: A Nation’s Favourite with Expansion News on Horizon

Successful chef brothers, Enrico and Giulio Marchese, weigh in on their day-to-day at Australian foodie favourite, Italian Street Kitchen - with plans for ‘ambitious expansion’ to ...

What to Expect During a Professional Termite Inspection

Keeping a home safe from termites isn't just about peace of mind—it’s a vital investment in the structure of your property. A professional termite inspection is your first line o...

Booty and the Beasts - The Podcast

Cult TV Show Back with Bite as a Riotous New Podcast  The show that scandalised, shocked and entertained audiences across the country, ‘Beauty and the Beast’, has returned in ...

A Guide to Determining the Right Time for a Switchboard Replacement

At the centre of every property’s electrical system is the switchboard – a component that doesn’t get much attention until problems arise. This essential unit directs electrici...

Après Skrew: Peanut Butter Whiskey Turns Australia’s Winter Parties Upside Down

This August, winter in Australia is about to get a lot nuttier. Skrewball Whiskey, the cult U.S. peanut butter whiskey that’s taken the world by storm, is bringing its bold brand o...