Cash is Cyber King
The recent Chili’s credit card data breach prompted me to revisit my views on credit cards.
Is it really worth using credit cards?
Let’s put aside personal financial management and assess credit cards from a cyber security viewpoint.
Each credit card transaction leaves a digital footprint of our spending behaviors. Credit card companies, financial institutions, marketing firms, and potentially hackers now know our spending behaviors. They can deduce your preferences, your geographical locations, and what items your order at restaurants (including how many persons were with you at dinner).
The Telephone Marketing Hack
Let’s hypothesize a hacker had determined you really love rubber ducks because you spend $100 per month at rubber duck related businesses. A robo caller or a clever hacker calls and gives you an offer for a limited edition rubber duck by signing up for an online promotion from your credit card company. All you need to do is visit a special website, log in with your credit card company’s credentials, and complete the online form to redeem this special offer. Now your login credentials were stolen and you gave away personal information.
Sounds absurd? I know someone who experienced a similar situation and took the bait.
The Cat is Away and the Mice a Will Play
You are on a vacation and you go out to dinner at a restaurant. Let’s assume this is a restaurant that is unique to the area, which would make the meal more special. You use your credit card. Your digital footprint confirms you are away from your home area. Your credit card company flags the credit card transaction and gives you a call to confirm. In this scenario, a hacker has been monitoring your credit card transactions. The hacker, knowing you are out of town and do not have have a home monitoring / protection system, decides to post on the dark web you are out of town and will sell the address to anyone who wants to burglarize the home.
We have heard stories about individuals tweeting or posting on Facebook about being on vacation and having their home burglarized. There are also scenarios of homes being burglarized while a family is at a funeral. Needless to say, this is not too far fetched.
You Cannot Hack Paper
By know you might be wondering about the protection your credit card offers you. This is definitely true if you catch it in time. The rise of e-statements makes it easy to forgot to check your credit card bills. If you find a fraudulent transaction too late, you are out of luck.
With cash, you can physically count how much you spend. As good as hackers are, they cannot hack a physical wallets.
Their is still a physical robbery, but with that situation just being alive after it is worth more than any amount lost. I wish you never experience it.
Unfortunately, where you obtain the cash is susceptible to hacking. An ATM leaves you vulnerable if your card has no locking features and your PIN is easily guessed. Also, if the ATM is out doors and not monitored, it could be tampered with to steal your card information. When getting cash back at the supermarket make sure to cover the PIN pad with one hand to prevent shoulder surfing and place your fingers over all the keys to hide the heat signatures from an infrared camera. Treat the card like a password and the ATM as unsafe Wi-Fi and you should be safer.
Better Personal Financial Management
Some financial advisers recommend avoiding credit cards or reducing their use to improve financial situations. You may also use it to negotiate a lower price on purchases.
Cash is still very valuable. It cannot be hacked. It can improve your finances. It might be worth considering next time you are at dinner.
Before You Go
Join my mailing list to receive updates about my writing.
About the Author
Miguel is a Principal Security Engineer and is the author of the " Serverless Security " book. He has worked on multiple serverless projects as a developer and security engineer, contributed to open-source serverless projects, and worked on large military systems in various engineering roles.
Originally published on Medium.com