Stop worrying about your credit card number

Credit card safety and security has been top of mind for many people the past few weeks because of two announcements:

  1. In November, the startup Coin announced a thin digital device that promises to consolidate all your credit cards into a single swipeable device. I excitedly pre-ordered one.
  2. Last month Target announced that up to 40 million credit card numbers were stolen by hackers.

There’s been much written about these events, including a lot of misinformation and fear mongering. The press is trying to scare consumers into thinking they are at risk if something goes wrong. Even the New York Times is spreading false fear:

When you buy it, you are agreeing to terms of service that give you no protection. Should something go wrong…it’s not Coin’s problem.

Lets get the facts straight:

  • Your credit card number is not a secret. You hand over your credit card to merchants every day, who often take the card out of your sight. There’s plenty of opportunity for someone to steal your credit card number. Get over it.
  • Under federal law, you aren’t liable for a single dime if there are fraudulent charges on your credit card. Liability falls on the issuer of the card; it’s built into their models. Let them worry about fraud, they are the experts.
  • You don’t need to replace your card after the Target leak. Someone smart already did the math and decided that the cost of replacing 40 million credit cards is more than the cost of their potential liability. That’s why you didn’t get a new card in the mail.

There are powerful computers constantly looking for irregular behavior and fraud every time a credit card is used. Banks do this because they lose money when fraud happens.

Credit card companies have tried introducing “safety” features like putting your photo on the card, or creating one time use numbers for online purchases. There’s even a startup claiming they will “make credit card fraud a think of the past”. Ultimately these features help the banks reduce their risks and their costs. They don’t affect consumers.

My advice: Always check your card statement before paying. Most bad charges aren’t from fraud, but from merchants that make mistakes. Go through your statement line by line before you pay it. It’s worth it.

Other than that, stop worrying about it. You’re safe.

Update: This applies to *credit cards* but *not debit cards*. There is increased liability when using a debit card. I’ll write a post tomorrow to outline this.


  1. Wrong! People do have to worry. The NYTimes is correct: if your number is stolen online and used for fraudulent purchases, you do in fact have liability.

    The FTC makes the laws clear.

    1. If your credit card number is stolen, you are liable for up to $50.

    2. If your debit card number is stolen, you are liable for potentially all the money stolen from your account. Most people would likely be limited to $500. See the FTC for details.

    Please update your post to note these corrections. You’re misinforming people.

  2. you’re right: you do have liability if you lose your *debit* card but not on your credit card. I clarified the post to mention this is for credit cards only. I’ll post something tomorrow about the risk of debit cards. I think debit cards are awful and should never be used

  3. Many credit card issuers waive the $50 liability, Reader X. My American Express has been compromised a few times over the years by fraudsters, and I’ve never been liable for a dime.

  4. yeah i didn’t even mention the $50 liability for credit cards because I’ve never heard or seen that be enforced. American Express and other good banks cover you 100%.

  5. I’d also argue that US banks are unwilling to seriously combat fraud because, frankly, fraud is big business. If US banks were serious about fraud, they’d take steps to adopt something like chip-n-pin used thoughout the UK (maybe all of Europe, not sure), etc…

  6. Matt: agree. The banks probably calculated that adding pins and other barriers would decrease usage of credit cards (i find that cash is still heavily used in europe). It’s worth it for them to keep transactions frictionless even if they have to eat more fraud dollars.

    1. Josh, I disagree. I’ve never paid a fee to a credit card or a bank so i’m not sure how banks are passing this on to me. if they wanted to reduce their costs, they could implement more security but they choose not to.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s