The Bitwarden Blog

What the World’s Largest Credit Card Companies Say About Security

B
authored by:Bitwarden
posted:
Link Copied!
  1. Blog
  2. What the World’s Largest Credit Card Companies Say About Security

Whether you are operating as an individual or part of a business, the world’s largest credit card companies recommend several security best practices for better online protection. Recommendations from major companies like Visa, Mastercard, and Chase generally fall into four categories: device security, strong passwords, phishing awareness, and account alerts.

This article explores those credit card online security recommendations and how to put yourself in the best position to be more secure online.

The Top Four Credit Card Security Recommendations from Industry Leaders

Device Security

Mastercard provides a security resource page for their business customers to help them keep themselves and their employees safe. The company recommends implementing security measures on all of your devices — PC, laptop, phone, or tablet, securing accounts with two-factor authentication or 2FA, and keeping your device secure.

Visa also highlights device security and reminds customers to always update to the latest version of device software including security patches. American Express or Amex goes further by recommending you always update browsers and operating systems, while Chase discourages use of public WiFi and ensuring you transact from encrypted connections.

Strong Passwords

All the world’s largest credit card companies recommend customers use strong passwords and make each password unique for each account. Citibank goes further by advising customers not to use a variation of a password used elsewhere, or variations of your name and the names of family members or pets, as identity thieves can find this information on social media.

Citibank recommends you should never write down passwords, and Mastercard agrees. Let a password manager do the work. Mastercard also adds that whenever possible further secure your account by adding two-factor login – usually a PIN code sent to your phone or generated by an authenticator app or security key.

Not using a password manager yet? Here’s how to get started.

Phishing Awareness

Credit card companies commonly recommend phishing awareness for better security. Mastercard, in particular, warns customers that 91% of all cyberattacks start with a phishing email. However, email isn’t the only way cybercriminals phish for your credit card login credentials, credit card details, or other sensitive information.

Visa warns customers to be wary of unsolicited phone calls offering “one day only” deals, while Chase suggests text messages threatening to close an account unless immediate action is taken can also result in customers unwittingly revealing login credentials, credit card details, or other sensitive information – or visiting a website that downloads malware onto their device. A password manager can help thwart phishing attacks by reminding you that if a password is not stored for that website that should be, you might want to double-check the webpage URL.

Account Alerts

Credit card account alerts vary depending on the services provided by the credit card companies and the type of credit cards you use. For example, Amex advises, “If your credit card offers email or text alerts every time a purchase is made, this would be a good time to utilize that service.” However, using these services for every transaction can result in “alert fatigue.”

Chase and Citibank offer a better option by allowing customers to customize alerts, so you only get notified when certain account activity takes place like if:

  • Your credit card is not present at the time of purchase

  • A transaction exceeds an amount you have set

  • A transaction takes place outside the U.S.

Visa offers a similar service for transactions processed by the VisaNet service.

How Following Credit Card Security Recommendations Contribute to Developing a Cybersecurity Culture

Discussions relating to cybersecurity culture are not just for big enterprises. Individuals and SMBs should also consider their cybersecurity postures, especially with the rise in online fraud and cyberattacks. Furthermore, cybersecurity cultures are easy to develop when given the right tools. You only need to make incremental changes for how you or your employees act online.

Adopting a cybersecurity culture can start by following the credit card security recommendations published above and summarized below:

  • Set reminders to check for software, browser, and operating system updates, and look for software solutions that prompt you for updates as they appear.

  • Use a trustworthy free password manager to generate and store complex passwords for each account and implement two-factor authentication.

  • Configure your email provider’s filters to filter spam more aggressively, block the senders of phishing messages sent by SMS, and treat unsolicited phone calls with caution.

  • Customize alerts from credit card providers, bank accounts, and other financial institutions to be notified of any unusual or unexpected activity.

Taking these incremental steps encourages credit card cybersecurity discussions, develops awareness, and increases responsiveness. Individuals become more responsible for online security when provided the right tools. We call this the “Triangle of Security Success.”

Learn how to create a Triangle of Security Success using a password manager, two-factor authentication, and a well-protected email account.

Get Started with Bitwarden

Level up your security today by starting a free business trial or talking to an expert to find the best solution for your organization.

Editor's Note: This article was originally written on July 27, 2021 and was updated on May 22, 2024 with updated information and references.

ComplianceSecurity Tips2FABusinessPassword Manager
Link Copied!
Back to Blog

Ready to see Bitwarden in action?

Start a Trial
Contact Sales

Level up your cybersecurity knowledge.

Subscribe to the newsletter.


© 2024 Bitwarden, Inc. Terms Privacy Cookie Settings Sitemap

This site is available in English.
Go to EnglishStay Here