Two weeks ago, I received a call from Citibank. Thinking that it was a telemarketer trying to sell me a financial product, I was all ready to say 'no thanks and goodbye' when the lady on the other end of the line said: "Your card has been compromised."
Paranoid by nature, I questioned the caller to ensure she's not a fraudster trying to "phish" for my personal data over the phone. I asked when and where my card was compromised, and found out that it happened during the period straddling November and December last year--when I was on a work trip in Phuket, Thailand.
It was my only trip overseas over those two months, and I had used my card only once at the front desk of the five-star international resort where I had stayed.
According to the Citibank representative I spoke to, it was likely that identity thieves had used a wire-tapping device to retrieve data being transferred through the line that connected the merchant to a central system that processed the transaction.
A security guru also suggested that the fraud could have happened because retailers in Thailand have not switched to chip-based cards and PIN payment mode. They still swipe magnetic strip-based cards, and this made it easier for the customer's personal data to be skimmed and used for malicious purposes.
While most countries in Asia--including Singapore--still widely use magnetic strip cards as a primary mode of payment, credit card companies have been pushing for countries where there are high levels of fraudulent activities, to migrate to chip-based credit cards as these are touted to offer better security.
More recently, though, other security tools have emerged and could also help fight identity fraud. Is chip and PIN the solution? What about the new biometric payment service that Citibank is touting? Could that hold the key to combating card frauds?
Above all, now that I know fraudulent activities can strike anywhere, I've been taking extra precautions. I remember now feeling uncomfortable when the front desk officer at the Phuket resort disappeared into a backroom with my credit card. I should have insisted that he swiped it in front of me--a precaution which the Citibank representative said I should take to ensure my card will not be swiped through a second device which could be used to skim credit card data. What other preventive measures would you suggest?