Security Flaw Found in Chase/BOA Credit Cards - Other News

Advertising Disclosure

Credit-Land.com is an independent, advertising-supported web site. Credit-Land.com receives compensation from many credit card issuers whose offers appear on our site. Compensation from our advertising partners impacts how and where their products appear on our site, including, for example, the order in which they may appear within review lists. Credit-Land.com has not reviewed all available credit card offers in the marketplace.

Credit Card Applications » News » Other » Security Flaw Found in Chase/BOA Credit Cards

Security Flaw Found in Chase/BOA Credit Cards

Add to Favorites:
Security Flaw Found in Chase/BOA Credit Cards

Anyone out there with a credit card from either Bank of America or Chase should brace themselves for some unsettling news: your personal information and financial data may be vulnerable to the ways of hackers and ID thieves. This, due to a security flaw that was recently revealed by Boston consumer advocate, Edgar Dworsky. He discovered that anyone desirous of learning your credit limit, recent payment history and the like can do so, relatively simply, by making a phone call.

According to Dworsky, who happens to be the founder of Consumer World as well, the security loophole he discovered lies within the 24-hour automated telephone information systems used by Chase or Bank of America, two of the leading credit card issuers in the United States, to enable cardholders to keep an eye on the activity posted to their accounts. Should a cardholder dial the customer service number printed on the back of the card from the main telephone number attached to their account, the bank matches the caller ID to their account records. If a match is found, the caller need only provide the last four digits of their account number to access information. In some cases, the cardholder’s zip code is also requested.

“The trouble with this system is that hackers, crooks, suspicious spouses, or nosy neighbors can access your credit card information using the same method the reporters from that British tabloid used to break into subjects’ voicemail accounts,” explained Dworsky to pr.com.

“This is far more serious, however, since consumers’ financial information and privacy are at risk.”

When writer Herb Weisbaum reached out to BOA and Chase on behalf of cnbo.com for comment, he received the following replies:

“Our objective is to balance customers’ need for convenience and quick access to general information with industry best protection of their accounts,” wrote Betty Reiss at Bank of America. “In addition to at least two levels of authentication required to access very limited information over our automated system, we have additional security controls in place to detect potential abuse of our automated systems. We understand that there will always be individuals who are trying to beat the system, and we’re constantly looking at measures to better protect and service our customers.”

I got this response from spokesperson Eileen Leveckis at Chase: “Chase takes data protection extremely seriously and we have numerous fraud-detection tools in place to best protect our customers. We are always engaged in research and development for new anti-fraud and data-protection technologies and we are an established leader in data security.”

Dworsky told pr.com that closing the loophole would be a quick fix, but if only Chase and BOA would require cardholders to provide their full 16-digit account number when accessing their systems.

Should a potential ID thief fraudulently acquire information in this manner, they could then call the cardholder and impersonate a bank employee. Armed with the accountholder’s private information, the thief could potentially have an easier time coaxing their victim into revealing even more information such as their entire account number and security code, which, in turn could facilitate ID theft or credit card fraud.

Add to Favorites:

Related News:

More EMV Enabled Debit Cards, Less Fraud

Posted: August 22, 2017

Last year there was an upswing in the number of chip-enabled debit cards rolled out, according to the 2017 Debit Issuer Study by Pulse, with an estimated 80% of cards in the United States having been outfitted with EMV technology. While ... Continue reading
Fewer Millennials Paying Attention to Finances

Posted: August 21, 2017

In 2015 more than half of Millennials were thinking about how to turn their financial goals into a reality, but in 2016 that number dropped to 37%, according to Navy Federal's 2017 Millennials and Their Money study. They also found that ... Continue reading
Debt Could Put a Damper on Romance

Posted: August 18, 2017

Does credit health factor into romance? The answer is yes, according to the new Chase Slate 2017 Credit Outlook survey. Carrying a lot of debt could be a deal breaker for some people, with 37% saying that it could make them think less of a ... Continue reading
Get the latest news, articles and expert advice delivered to your inbox. It's FREE.
Match Mile For Mile: We’ll match all the Miles you’ve earned at the end of your first year. For example, if you earn 30,000 Miles, you get 60,000 Miles.
For Excellent, Good Credit
You could turn $150 into $300 with Cashback Match™. Get a dollar-for-dollar match of all the cash back you’ve earned at the end of your first year, automatically.
For Excellent, Good Credit
No Annual Fee. See WebBank/Fingerhut Credit Account Terms.
For Bad Credit