10-10-2013 06:02 PM
I was reading through the FCRA and found the clause below. I know stores that have given me receipts that show the full credit card number and IIRC, they are small stores like mom and pop shops. I imagine the reason behind the clause below is to prevent fraud as the store keeps a copy of the receipt and anyone can get the credit card numbers if they have access to those receipts.
My question is: How does one go about reporting this and is this something I should worry about? Should I pay in cash now at these stores? Should I do something about it when it happens again?
(g) Truncation of Credit Card and Debit Card Numbers In general. Except as otherwise provided in this subsection, no person that accepts credit cards or debit cards for the transaction of business shall print more than the last 5 digits of the card number or the expiration date upon any receipt provided to the cardholder at the point of the sale or transaction.
Limitation. This subsection shall apply only to receipts that are electronically printed, and shall not apply to transactions in which the sole means of recording a credit card or debit card account number is by handwriting or by an imprint or copy of the card.
Effective date. This subsection shall become effective -
a) 3 years after the date of enactment for any machine in use before 1/1/2005
b) 1 year after the date of enactment for any machine in use on or after 1/1/2005
10-10-2013 06:21 PM
10-10-2013 06:36 PM - edited 10-10-2013 06:41 PM
This is a big part of the work I do and I can tell you if a store provides you with a receipt showing the full CC number they are in violation of PCI requirements.
PCI stands for Payment Card Industry and that consists of well known friends Visa, MC, Discover etc etc.
I would avoid places like this as it is a solid indication they have not upgraded to current software and best practices for customer information security.
While Mom and Pop stores have a limited place in the convenience store industry for lower volume areas(The mountains of Asheville market comes to mind. Super busy during summer/Fall season then dead for several months before business slowly starts to pick up again) in most cases they dont make large margins so some do struggle but others are just cheap and have the "Im not upgrading" attitude which usually costs more in the long run.
Anyway, always try to use chain stores as the majority of them will do what is required to keep from being a victim of fraud.
Unfortunately, in my experience approximately half of Mom/Pop stores are not PCI compliant and are a low level risk to their customers in my professional opinion. They give the stores paying the $$ to comply a bad name.
If possible use major brand fuel as in Exxon, Shell , BP , Citgo etc. They have stronger compliance standards than the site with no major brand for fuel. This of course does not imply that all unbranded stores are necessarily bad.
As you can see it is a big game of trust and unfortunately the folks with the money are usually the ones in compliance.
10-11-2013 07:37 AM
Huh. This is very interesting information. I need to start paying closer attention to my receipts!
10-11-2013 07:03 PM
At my work, the credit card receipts show the last 4 numbers and it show's " xx/xx " where the expiration date is and were a local small non-profit. We are PCI Compliant, cuz we get charged $20 a month if we are not. Our one and only Merchant Service is TransFirst. Back in 2010 we discovered the previous executive before me had signed up for every Merchant Service who called us, cuz they just go by "Merchant Services" when they call and he fell for it and before we know it we had 5 Merchant Services dipping into our account for one credit card machine leased by a scam company called Northern Leasing, we were paying for Discover and AMEX and they didn't work, probably cuz one Merchant Service was counter reacting the other and we are not PCI Complaint . Our CFO who found this out in 2010 tried to contact all of those companies but didn't get a responce the same day, and so she went to our bank and stopped payment to every last one, which eventually got their attention Then we slowly closed thoses accounts and paid them whatever was owed and switched to a credit card from our bank who does Merchant Services through TransFirst, and everything is great! To this day we still get those calls from "Merchant Services" and I have fun when those people call, I get them to tell me what company they are actually from to trip them up, and the new thing is they sometimes call and say they would like to talk to you about your credit card processing account, next time i get one of those kind of calls i am going to ask them to confirm that last 4 of our Merchant ID and if they can't provide me with it then I will end the call! LOL!
Sorry to post all of that as some of it is kinda off topic of this post!
Forums posts are not provided or commissioned by FICO. Forums posts have not been reviewed, approved or otherwise endorsed by FICO. It is not FICO's responsibility to ensure all posts and/or questions are answered.Advertiser Disclosure: The listings that appear on myFICO are from companies from which myFICO receives compensation, which may impact how and where products appear on myFICO (including, for example, the order in which they appear). myFICO does not review or include all companies or all available products.
IMPORTANT INFORMATION: All FICO® Score products made available on myFICO.com include a FICO® Score 8, along with additional FICO® Score versions. Your lender or insurer may use a different FICO® Score than the versions you receive from myFICO, or another type of credit score altogether. Learn more
FICO, myFICO, Score Watch, The score lenders use, and The Score That Matters are trademarks or registered trademarks of Fair Isaac Corporation. Equifax Credit Report is a trademark of Equifax, Inc. and its affiliated companies. Many factors affect your FICO Score and the interest rates you may receive. Fair Isaac is not a credit repair organization as defined under federal or state law, including the Credit Repair Organizations Act. Fair Isaac does not provide "credit repair" services or advice or assistance regarding "rebuilding" or "improving" your credit record, credit history or credit rating. FTC's website on credit.