Should You Store Your Credit Card Details Online?

Is credit card security at risk when you allow stores to keep your details? : Internet Scambusters #771

Can 94 million of us be wrong? That’s how many Americans store their credit card details with online retailers.

But the more we do that, the more risks we face of having our financial info stolen or compromised in some way.

In this week’s issue, we look at the pros and cons to help you decide — but it’s still your decision!

Let’s get started…

Should You Store Your Credit Card Details Online?

How often have you bought stuff online, entered your credit card details and then selected the option that allows the retailer to keep your card details on file — you know, so you don’t have to re-enter them next time you buy?

But, think about it. Each time you do that, you’re increasing the risk of those details being stolen.

It seems like almost every day we hear about one company or another being hacked and customer records being compromised.

If the victim company happens to be one you did business with and stored your card records with, the hackers likely have your details now.

According to latest research, about 94 million Americans store their credit and debit card details this way. That’s two out of every three shoppers.

And it seems buyers at both ends of the age range — oldest (people born between 1925 and 1945) and youngest shoppers — are more likely to select this option. The in-betweenies are more cautious.

Matt Schulz, senior analyst at, which commissioned the research, says: “There’s no denying the convenience of online shopping; you don’t even have to put on pants to make a purchase.

“However, saving your payment information online not only increases the likelihood of making unnecessary impulse purchases, it can also leave your data vulnerable to hackers.”

Alex Johnson from the credit-scoring organization FICO echoes these comments: “For online consumers, there’s a trade-off: The more you store your payment info in a variety of places, the greater the odds of being a victim of fraud.

“But saving your information offers a definite advantage in terms of convenience because you don’t have to have your card on hand to make a purchase.”

So, should you allow retailers to keep your card info?

Ultimately, it’s a personal decision — convenience versus the risks.

No Way

Consumer journalist Lindsay Konsko, an avowed “no-way” responder to such requests, writes on the NerdWallet consumer finance website: “This issue has more to do with personal psychology than with actual practicality. Merchants want you to store that information so you’ll have a reason to come back, and so you can take advantage of your own choice to have this convenience.”

However, allowing storage of your details for convenience is not the only option you have.

These days Internet browsers and many password managers allow you to store the information securely on your own PC, so you don’t have to re-key it each time you make a purchase.

Of course, this assumes you have up-to-date security software on your computer to safeguard this information from hackers there. Otherwise, you’re probably less safe than on the retailers’ systems.

Alternatively, many online stores allow you to use Internet payment systems like PayPal, which keep your card number a secret — providing, that is, they don’t get hacked themselves!

You can even memorize your card numbers to make it easier to enter them speedily each time you make an online purchase.

Cut the Risk

But if you do opt to allow stores to keep your card details, there are a couple of things you can do to cut the risk of those details being compromised:

* First, be sure the page where you enter your details is secure.

This simply means checking that the page address (in the address bar of your browser) starts with “https” — it’s the “s” (for “secure”) that’s important.

You should also see a padlock icon and perhaps the word “Secure” at the start of the address box.

* Second, be wary if you’re shopping at a site that you’re not familiar with.

Even though that “https” means your data is transferred securely to the retailer, you have no way of knowing how carefully they protect your info once they’ve got it, especially if they’re based abroad.

As journalist Konsko notes, anything you put on the Internet “should be considered completely unsafe and available to the public. No matter how much a website boasts about its security, it may still be vulnerable.”

The good news, she points out, is that if your card details are compromised as the result of a data breach, your credit card company will probably cover the losses — though you still, of course, have to go through the tedious process of canceling your cards and flagging up the loss with the credit reporting agencies.

Alert of the Week

We reported a few weeks back about how scammers use the name of Microsoft Office to phish for personal, sign-on information.

Hot on the heels of that warning comes news of an email currently circulating purporting to be from Microsoft with a message that says something like “You have 2 new Office 365 messages concerning your security update.”

This is followed by a link that says, “Go to Office 365 message center here,” but, of course, it leads to a fake sign-on page.

If you get any type of message about your Microsoft account, don’t click links. Go to and access your account from there.

Time to conclude for today — have a great week!