What your bank should be doing to protect you from ID theft.
A person we know suddenly learned he was a debit-card identity theft victim -- while his debit card was locked in a bank safe deposit box.
He immediately informed his debit-card issuer, a major bank, but the branch rep said there was nothing she could do. We directed him quickly to an identity theft hotline, buried on his bank's Web site.
Such a slow response by your bank could lead you to suffer a greater financial loss if an identity thief targets you. So it could pay when you open your bank account to find out exactly what steps your bank takes to curb identity theft.
Javelin Strategy & Research, Pleasanton, Cal., notes that the mean consumer cost of identity theft has increased to $691 in 2008 from $554 in 2007. It cites more sophisticated criminal fraud techniques -- particularly in new accounts fraud.
Warning: Some 12% of major banks lack a zero-liability policy for debit cards that require access via a personal identification number or PIN, according to Javelin Strategy. So learn how your bank protects against identity theft, particularly before opening a PIN-accessed debit card.
Fortunately, federal law limits your losses on a lost or stolen credit card to $50. You also have some protection for debit cards -- provided that you promptly notify your bank.
Nevertheless, losses when your identity is stolen, according to Javelin's 2008 Identity Fraud Survey Report, can escalate the longer the fraud goes undetected. Victims who detected the fraud within one day spent an average of $428. But those who took up to five months lost three times as much -- $1,207, its report says.
Your bank can take precautions
There are certain things your bank can do to nip an identity theft in the bud. It could pay to make sure your bank takes certain precautions, advocated in the Javelin Strategy survey:
Provides you with the ability to create restrictions -- either online, by phone or in-branch -- on particular transactions. Don't think you'll ever conduct any wire transfers outside the United States? Bank only with institutions that let you limit those transactions.
Eliminates distribution of your personal information and limits use of your Social Security number to the last four digits.
Offers to email or text message you if there's ever a change of personal information, including a change of address, addition of a cardholder or unusually low balance on your account.
Has a centralized fraud resolution department.
Lets you quickly freeze your account.
Requires at least two ways to confirm your identity both by telephone and online banking.
Regularly educates employees on how to properly secure sensitive information.
Regularly examines employees for insider collusion.
Encrypts your personal identification numbers, passwords, Social Security numbers and other private data.
Uses no hyperlinks in emails. This way, you can determine which emails don't come from your bank.
Meanwhile, Javelin Strategy reports increased theft via mail order or telephone order purchases. It cites a newer tactic, "Vishing," or using the Internet to place phone calls. Internet-placed calls are tougher to trace.
Bottom line: Never provide personal information -- even over the telephone. If you get a communication from your bank, call only the telephone number you already have -- not the one in the communication.