Careful giving your zip code to retailers

[nsolimini]

"Users simply capture name from the credit card swipe and request a customer’s ZIP code during the transaction. GeoCapture matches the collected information to a comprehensive consumer database to return an address.”

Never Give Stores Your ZIP Code. Here's Why - Forbes

 

[w_ADAM_d88]

It's more of a fraud technique. Start giving false zip codes and your card may be canceled, or you will be constantly getting calls from you CC companies fraud prevention dept' confirming your purchases.

I have entered my work zip code by accident while getting gas on my CC, and within 24hrs I received a call from Chase, wanting to verify my transaction.

 

[Cpl. Klinger]

There's different reasons. At a gas pump, it matches the ZIP you provide against that of the card. If they differ, the transaction declines. If asked in a store, that's different. Most credit cards do not allow a retailer to verify anything about the customer. You're not really supposed to ask to see ID, even if the card isn't signed. If it's a human doing the asking, I'd give a fake one. If it's a gas pump, give the right one.

 

[Shiban]

There's different reasons. At a gas pump, it matches the ZIP you provide against that of the card. If they differ, the transaction declines. If asked in a store, that's different. Most credit cards do not allow a retailer to verify anything about the customer. You're not really supposed to ask to see ID, even if the card isn't signed. If it's a human doing the asking, I'd give a fake one. If it's a gas pump, give the right one.

Yup. Same thing with phone numbers. I went into Kmart a few months ago. I hadn't been into one in years. The cashier was asking every person for their phone number. Needless to say, I gave them Jenny's. 867-5309. 4 people popped up on her screen. She asked me which one. So I'm Carla somebody.

 

[spec4]

Cabelas checkout is always unpleasant. They hit you up for your phone number, solicit a credit card and solicit a donation. I just keep saying no until they thank me and hand me my receipt. Leaves a bad taste for Cabelas.

 

[Kirk Freeman]

I have lived in the 12345 ZIP code for a very long time.

At Payless and Marsh they insist that "I must fill out the discount card" application. I know all the grocery store managers by name.

 

[kiddchaos]

At a gas pump, it matches the ZIP you provide against that of the card.

An almost pointless security measure.

 

[JasonB]

Two instances where Zip Code is ever asked on Card Transactions most don't realize they are completely different...

1) "Unattended" Transactions Zip must match Card Holder's Billing Address or the Transaction against the card will be denied by the Merchant Processor (Bank processing cards for the retailer)... This is a Security Measure implemented as What you Have (Card) and What you know (your Billing Zip) that helps prevent instances of stolen cards.

Any system of this type such as Pay at Pump Fuel that allowed you to complete transaction without the proper ZIP CODE should be transactions you worry about...

That means some random idiot sitting in his boxers in some dark room coded the Point of Sale Solution being used and could very well have ignored several other rules such as allowing systems to ever "SAVE" your Credit Card.

2) "Face to Face" Zip collection - Lowes started doing it... If you watch the register screen (in front of idiot asking for your ZIP) you will notice the actual Card Transaction has completed (should see approval code and some other info show in area around total at bottom of their screen...

You can give whatever crap info you wish for these instances once you learn the difference... These are entirely Marketing related and used by who knows within the Retail world.

Some advice from someone that works within the Payment Card Industry rules/regs....

Never allow any Site, Retailer, or Business to "SAVE" your card data... May make that next Papa Johns order online easier but you have to realize no system is 100% safe from hackers/intrusion which means neither is your Card Information saved to any system.

Memorize the "CVV" (Security Code on the back of your card) then scrap it and the impression of it off your card... This was one of the single most stupid things Card Companies ever did... This Code along with the Card Number and Expiration Date will allow anyone to complete 95% of any transactions on the Web should your card be lost, and oh by the way good luck recouping any funds from loss to time card is cancelled if the CVV was entered correctly... Protect this Number better than you protect the PIN associated with the Card.

If you can't manually swipe your card every time be sure you do not let your card out of your sight... Do you really trust the idiot behind the McDonald's window that looks like they are coming down from their last crack high? It only takes the card being pass close by a proximity reader for anyone to capture the card information and sell it off later...

NEVER EVER give your Card Information on the phone for any reason unless you are the person that DIALED the Phone Call... Even then be 100% sure you know exactly who is on the other end of the Call even if you did dial the number before you give your your card info... If in doubt watch Identity Thief, funny and all but it really is that easy for someone to assume / steal your identity.

For anything on the Interweb... Be 1000% sure the site uses HTTPS/SSL Security before entering any personal information and before your card ever leaves your pocket... Otherwise that data can be viewed by anyone that may feel like listening in on the data stream between your computer and the website host system (where ever that may actually be in the world)...

If you don't see some sort of "Security Seal" on websites don't use them for any type of payments. If you want to see what I'm talking about visit www.govpaynow.com scroll to bottom and look at the "Trustwave - Trusted eCommerce" Seal (if you click it notice you will have another page open that shows the Company's PCI-DSS Compliance Status to you real time... Or if you wish you can visit one of our competitors such as www.officialpayment.com and see they use a similar PCI-DSS Compliance solution... Regardless if you can't confirm PCI-DSS Compliance for a Website Don't use them as it means either than company is too lazy to actually follow the proper rules to ensure their systems meet all industry security requirements, or could be their system doesn't comply with industry security, or in some cases it may just be the company is too small to fall under terms of PCI-DSS which means they can do what they wish including above Strange Fat guy coding in some dark room in his boxers.

 

[No2rdame]

Just to add one more precaution, always hide your credit card number as best possible in public, even if you are self-swiping at a terminal. Cell phone cameras are often good enough now that someone could've just snapped a shot of the card number without you even knowing about it. Yes, they may still need the CVV but that's not foolproof.

Personally, I'm not as worried about stores knowing who I am. Hell, let Target know who I am. Maybe they'll give me a coupon or two at some point since they know what I like. It's better than what I get from our government for their intrusive spying on me.

 

[hoosierdoc]

Memorize the "CVV" (Security Code on the back of your card) then scrap it and the impression of it off your card...

Awesome advice right there