I managed to leave my credit card in my car, the full number and my name visible to anyone looking in the window, for several hours this morning. :smack: This was on a residential street and not a busy parking lot or anything, but I figure at least a few people must have walked by my car before I realized what had happened.
I called my bank, confirmed that there had been no suspicious charges today, and had the card temporarily deactivated. The customer service agent I spoke to said I could call back whenever I like to have the card reactivated or to request a new card.
Since I don’t know that anyone actually even noticed my credit card and it would take several days to get a replacement, it seems like less hassle to wait a few days and reactivate if nothing fishy happens. But since I’ve already made at least one boneheaded mistake today, I figured I’d ask other Dopers for their opinions.
I wouldn’t have called the bank in the first place, instead waiting for the unlikely event someone used this to their advantage. That said, now that you have called them I’d be a little paranoid of them creating a narrative where you essentially knew there was a compromise and didn’t report it (or rather, un-reported it), making you liable if there is an issue. Unlikely, but in your current position I’d probably just get the new card.
FWIW the CVV on this card is on the back and thus would not have been visible to passers-by. I assume someone with decent computer skills could brute-force hack a three digit code if they wanted to, although I suppose the odds of such a person strolling by my car and looking in the window during the time the card was there are pretty low.
The only reason I wouldn’t want to replace the card is the deactivation time between now and when I got it. But since it’s already deactivated, I’d go for it. The risk may be small, but the peace of mind is worth it.
Well, assuming it’s a free replacement. If it costs, then I guess it depends on how whether you think that money is worth the peace of mind. In your case, I might pay $5 or maybe $10, but not more.
Problem with brute forcing a CVV is that it would be impossible without offline access to the credit card company’s database since it’s the only thing which would be able to confirm if the code was right or not.
If you’re going to brute force something you can’t bounce it off a server because trying every possible code would be very suspicious and your card would be deactivated within 10 tries, probably fewer.
Aside: you can go to your credit card’s website and set up alerts that you can get by text. I have alerts set up for any charge over $50, and for any charge made where the card is not present (like internet orders). I get these alerts even if I’m the one making the charge. The text comes IMMEDIATELY as the charge is made. I sit at my computer and order something from amazon and as soon as I click “place the order,” I hear the text alert. Gives you a lot of peace of mind.
That’s stupid. :dubious: He’s under no liability from the bank.
Honestly, I would just check your statements and only replace the card if you see any fraudulent charges. Banks are pretty good about taking care of that stuff.