safe holiday shoppingUpdated: May 3, 2016

Heading into the holiday shopping season, you are probably worried about the safety of your personal data as you pick up gifts and the other essentials this time of year. Who can blame you for worrying? Last November during the height of Black Friday holiday shopping, Target suffered a malware attack that exposed the credit and debit card numbers of more than 40 million people across the country. The results were devastating, and it seems like there has been a never-ending chain of breaches at restaurants and retailers ever since. Of course, you don’t want to stop shopping, but how can you ensure that trip to the grocery store for another can of cranberry sauce won’t result in financial ruin or identity theft? Here are some tips you can follow to protect your information from a breach, whether you’re shopping in stores or online this holiday season.

Safety Tips for the Checkout Lane

Given that a majority of the data breaches over the past year have occurred when people swiped their cards in person at cash registers, this is an area where you probably have major concerns. The good news is retailers and card companies are taking action. Many stores have upgraded their systems and hired dedicated security firms to help ensure any problems during the upcoming holiday shopping season are caught long before they become catastrophes. What’s more, by October 2015 both Mastercard and Visa have plans to issue chip-based cards to all customers and hold merchants with outdated equipment liable for any fraud that occurs after this point. What more can you do to stay safe?

Keep your card in your wallet until it’s time to pay. Don’t stand in a long line of holiday shoppers with your card in your hand. Instead, keep your card in your wallet until just before you need to hand it over or swipe to process the transaction. Store it immediately afterward, rather than setting it on the counter while you sign the receipt. If you must take it out, be sure to cover the card number as well as the CV code at the back with your hand so nobody can read or photograph it.

Be wary when entering your debit card PIN. When entering your PIN during a transaction, it is always good to block the keypad from view of the cashier or other customers with your body or your hand. What many people don’t know is that your PIN can be stolen in other ways than someone seeing you type it in. There is a heat signature left on non-metal keypads for about 15 minutes after you use it. Infrared cameras, which are easily purchased and attached to smartphones these days, can be used to measure this heat signature and obtain your PIN. You can prevent this by resting your fingers on other keys while typing in your PIN, which will make it more difficult for thieves to discover your combination.

It should be noted that the best way to protect your PIN while you pay is to run your card as credit instead of debit. This will not only protect you from preying eyes, but also keep your PIN and bank accounts safe in the event of a data breach.

Use caution when taking cash from ATMs. When you’re in need of some extra cash between stores you should also be sure to be on the lookout. Many card thieves insert devices called skimmers into ATMs which read your card information when you insert it to take cash from the machine. Inspect the card slot before using it, paying attention for signs of damage or adhesive tape residue. Try to use indoor machines, as those are generally better protected than outdoor machines. If someone is hanging around too close, wait until they leave before entering your PIN. Also remember to rest your fingers on other keys when entering your PIN to protect yourself from thieves using an infrared sensor.

Safety Tips for Online and Mobile Holiday Shopping

Still wary of using your card in stores? Online and mobile shopping are alternatives to navigating the crowds, but still require you to be careful. Here are some tips to help keep your online and mobile holiday shopping experience merry.

1. Check the URL first. Misdirecting people with bad URLs is one of the oldest trick in the online scammer handbook. It is important to always double-check the address of the website when you are making a purchase online. Look for a URL that begins with “https,” since the “s” means the website is secure. You may also notice a small lock icon on secure websites. Learn more about checking the security of a site here.

2. Don’t store your payment information. Many websites or apps let you store your credit or debit card information to make future transactions easier. While this might be tempting to do so you can save time, you are putting your information at risk. If the website is breached, your data stored on its servers will be easy pickings. It’s far better to be a little inconvenienced than to put your information in someone else’s hands. If the site automatically stores your personal information, be sure to log in after the transaction is complete to delete your payment information and address.

3. Don’t shop on a public computer or over an unsecured Wi-Fi connection. The dangers of public computers and unsecured Wi-Fi connections are plenty, but the biggest risk comes when you use your personal information. A public computer, such as those used at work or school, is no place to be crossing off items on your holiday shopping list. If you aren’t completely logged out of your accounts, someone else might come along and gain access to your information (or go on a shopping spree). In addition, you have no way of knowing whether or not a public computer has been infected with malware or spyware. Similarly, unsecured Wi-Fi connections are a gamble. You never know who else is watching. It’s best to do your mobile and online shopping at home, using a secure Wi-Fi connection.

4. Install Internet security software. Many software suites these days do more than scan your computer for viruses. They offer extra security to your browser so you can shop and bank online with peace of mind. Kaspersky has a feature called Safe Money that opens a secure, encrypted browser window when you are making purchases or checking your bank statement online, as well as a virtual keyboard so you can enter sensitive information without using your computer’s keyboard. Bitdefender has a similar feature, called SafePay. What’s more, both of these security suites also offer mobile protection apps to help keep you secure while shopping on the go.

Consider Signing Up for Identity Theft Protection

During the aftermath of the many data breaches which have occurred over the past year, most companies have offered victims free identity theft protection service. This is an important service to have, but you don’t need to wait until you are the victim of a data breach to get it. Top-rated identity theft protection services like Identity Guard or TrustedID cost less than $20/month, so they are affordable. They also provide a plethora of great features, including credit reports and scores and monitoring of your public records as well as personal and financial information on the Internet black market. If your identity is compromised, these services will work to ensure that your good name is restored and you recover any financial losses.

Unfortunately, breaches are a reality you can’t predict or prevent. Even as businesses upgrade their systems and beef up security, thieves across the globe are working just as hard to find any cracks they can squeeze through. Fear of data theft shouldn’t stop you from using your credit or debit cards, but it should make you want to become a savvier shopper. Using these tips and taking a proactive approach to protecting your identity will help you be prepared if the worst case scenario happens.