Program Spotlight

Fighting Credit Card Fraud

By Finance Division Communications

Written by Heidi Kozlowski.

Credit Card Fraud: The Facts

The Federal Trade Commission reported that, in 2021, the number of fraudulent credit card transactions in the United States cost consumers and businesses over $181 million. While reporting for 2022 and 2023 is not complete, it is expected that there will be an additional 5% increase per year in losses.

Credit card fraud is prevalent and has affected many individuals, businesses and organizations, whether we know it or not. As electronic payment transactions increase, so does the sophistication of criminal tactics. This leaves consumers with higher credit card interest rates, higher consumer prices, and an increasing lack of confidence in their credit card security.

How You Can Protect Yourself    

As a consumer, there are a number of things that you should do to protect yourself:

  • Never provide your full card number, PIN or security code over the phone, email, text, etc. Always ask for an online link that is secured where you can enter the information yourself.  
  • Keep your credit card secure and out of reach of others. If you don’t know where your card is or you leave the card exposed to others, your information may be at risk of being collected by a skimmer or even written down for later use by fraudsters.
  • Check your online transactions frequently and report immediately to your bank any discrepancies.
  • Validate your card receipts before leaving a store to ensure you were correctly charged.
  • Shred printed preapproved credit card applications and any card receipts that may have your full credit card number on them. Under North Carolina law, the copy you get of any electronically printed credit card receipt should not include more than five digits of your credit card number. Check anyway! Don’t leave it to chance.

How Businesses Can Protect You 

Businesses that accept credit card payments have the responsibility to safeguard your information. This is accomplished through the implementation of the Payment Card Industry Data Security Standard (PCI-DSS). PCI-DSS was created in 2004 by Visa, MasterCard, Discover, JCB and American Express. 

In cooperation with the Security Standards Council, they developed the following set of guidelines that businesses are required to comply with: 

  • Build and maintain a secure network and systems.
  • Protect cardholder data.
  • Maintain a vulnerability management program.
  • Implement strong access control measures.
  • Regularly monitor and test networks.
  • Maintain an information security policy.

How PCI-DSS Helps Protect NC State

NC State participates in the PCI-DSS program and must comply with the six principles by completing an annual merchant and technical training. Every year, each merchant who accepts payments on behalf of NC State must complete self-assessment questionnaires (SAQs). In addition, OIT must complete scanning and penetration testing.  

2024 Attestation in Progress

NC State is currently in the process of completing the attestation for 2024. Merchants have a deadline to complete their SAQs by February 24. All individuals should have already completed their required training in REPORTER.

What You Can Do

You can help NC State remain secure and compliant by deterring fraudsters and paying attention to all transactions. If part of your duties involves handling credit cards to process payments on behalf of NC State, make sure to complete the required questionnaires and training by the deadline.

Need Help? 

If you have questions or need more information, please contact Merchant Services at merchantservices@ncsu.edu.