ITRC Fact Sheet 131
Credit Card vs. Debit Card

 This fact sheet will cover:

The World of Debit vs. Credit

According to a Nilson Report in April, 2009, 78 percent of American households - about 91.1 million - had one or more credit cards at the end of 2008. “In less than 15 years, debit card transactions in the United States grew from 1 percent of noncash transactions to more than 50 percent." (Source: Tower Group, August 2009)

Visa reports there are 309 million Visa credit cards and 352 million Visa debit cards in circulation in the United States. MasterCard states that as of Sept. 30, 2009, there were 211 million MasterCard credit cards and 130 million debit cards. According to data from the U.S. Census Bureau, there were 159 million credit cardholders in the United States in 2000, 173 million in 2006, and that number is projected to grow to 181 million Americans by 2010.

The fact of the matter is banks make money on purchases made with debit or credit cards. Whether it is a percentage based fee on a “signature” transaction or a flat fee for a PIN-based transaction, banks profit from consumers’ growing use of plastic.

You have two main choices when making purchases with a card:

Credit cards – making purchases with the creditor’s money until billed
Debit cards – having your money immediately extracted from the linked account

What is a credit card?

A credit card is a bank-issued card that allows people to purchase goods or services from a merchant and to pay for them at a later date. Every month the credit card company provides a bill, which reflects the card activity during the previous 30 days. Also, credit cards may be sponsored by large retailers (such as major clothing or department stores) or by banks or corporations (like VISA, MasterCard or American Express).

 About Credit Cards:

  • Must be applied for with a bank or other creditor (i.e. department store).
  • Allows consumer to buy goods and services on credit
  • Limited by the available credit at the time of purchase
  • “Buy Now, pay later”
  • Allows for disputes with vendor – option of withholding payment should there be dissatisfaction with product or service or in the case of a fraudulent charge
  • Many come with Reward Programs and extended warranties on purchases
  • Best form of payment for on-line purchases
  • Greater protection from fraud loss if reported within 60 days
  • If you find an error, you have 30 to 60 days to notify the creditor in writing and need not pay the amount in question during the investigation

Fair Credit Billing Act

  • If reported within 60 days, maximum liability for the unauthorized use of the credit card is $50
  • If reported before fraudulent use, cannot be held responsible for any unauthorized charges

 What is an ATM Card?

The ATM card is the most basic form of “plastic.” An ATM card is offered by financial institutions as a method of withdrawing cash/funds through the use of Automated Teller Machines. In addition to withdrawing money, you can check account balances, transfer money between accounts or deposit funds into an account. The Debit feature, adding the ability to make purchases, is a feature now offered by most financial institutions.

 What is a Debit Card?

According to the Federal Deposit Insurance Corporation (FDIC), a debit card looks like a credit card but works like an electronic check. A debit card is linked with the customer’s checking or banking account. When used, money is immediately withdrawn from that account. There are two ways for a merchant to process a debit card transaction:

  • Debit with PIN – In this instance, you press “debit” and enter a PIN (secret numeric number) to authorize the purchase. Once this has been entered, you need not sign for the purchase. In transactions where the PIN is used, you may have the opportunity to get cash back over the cost of the purchase.
  • Debit with Signature- For these transactions, you sign the merchant’s copy of the receipt. At the check-out counter, you hit the “credit” option then sign for the purchase. You can also use a debit card on the Internet and over the phone as a “credit card.”

The problem with Debit cards is that they can be used for credit without your PIN. The swiping of a debit card, with the use of a forged signature, can easily wipe out your account/s.

Debit Cards

  • Readily available with the establishment of a checking or savings account
  • Cash removed immediately from a linked account
  • May be attached to a checking, savings or brokerage account
  • Very important to protect Personal Identification Number (PIN)
  • Alleviates concerns over finance charges and interest rates
    • However, user fees may be charged at point of purchase
  • Limited to the amount of funds in designated account
  • Can result in overdraft fees in cases of insufficient funds
  • In cases where additional accounts are attached for overdraft protection, there is a risk of these accounts being drained of funds
  • No ability to place a “stop payment”

Electronic Funds Transfer Act

  • Limited time to report loss or unauthorized use of card
  • If debit card is reported missing before it is used, cannot be held responsible for any unauthorized charges or withdrawals
  • If reported within 2 business days, cannot be held responsible for more than $50
  • If reported after two business days but before 60 days, the most you could lose is $500
  • Card issuer has 10 business days (from notification) to investigate error
    • Pending continuing investigation, funds must be returned to consumer’s account on 11th day.
    • If no fraudulent activity is detected, the funds may be withdrawn from consumer’s account.
  • If loss is not reported, greater risk of losing all funds in account
  • In case of fraudulent charges/losses, consumer has to fight with bank to have funds replaced

 The Dangers of Plastic Cards: 


A growing threat to both credit card and debit card users is an activity commonly known as "skimming."  Skimming occurs when thieves set up a scanning device that captures the magnetic strip and keypad information from ATM machines, gas pumps, and retail and restaurant checkout devices.  This allows for the duplication of the card enabling it to be used as either a debit or credit card.

Example 1: 

After the waiter takes your debit card for payment, he skims (scans) the card before returning it to the table. With this number in hand, there exists the possibility of duplicating that number onto a fraudulent debit card. At this time, the new card may be swiped as a CREDIT purchase without the need for a PIN number.

Example 2: 

You pull into a gas station to fill up your tank. Someone has mounted a skimmer on the face of the point of purchase device. At this point, the thief has the information necessary to create a fraudulent card. Additionally, an extra device may be placed within the line of sight of the keypad to video record your PIN code.

Key Logging 

Key logging comes in two forms: the first form is a physical device which can be attached to a computer, most commonly via the keyboard input port. These devices tend to collect a finite number of key strokes. The device can then be removed and used by the thief to see every key stroke made on that computer.

The second form of key logging is software-based. In other words, this is a program which may be added to your computer by logging into a website, receipt of a bogus email, or the exposure to a virus or Trojan horse. This type of key logging will transmit your exact key strokes to a remote location where the thief can have access to it. This occurs whenever your computer is logged on to the internet.

Example 1: 

Mr. Brown is a traveling salesman staying at a well-known hotel equipped with a business center. He uses the business center computer to access various accounts. Once he leaves the computer, the thief comes by and removes the physical key logger device.

Example 2: 

A software-based key logging program has been loaded on your computer by way of a Trojan horse. Unaware, you go through your day to day on-line activities which included monitoring your financial accounts, accessing emails, on-line shopping, etc. The entire time your computer is linked to the internet, it is communicating your keystrokes to a remote site. The thief may then retrieve this information at will.

ITRC Recommendations: 

  • Use caution when using stand-alone ATMs, especially those which might seem out of place. 
  • Establish a separate account for debit purchases. Make sure that this account is NOT linked to any other accounts. This avoids the draining of all your attached accounts due to fraudulent purchases.
  • Limit your use of debit cards.


This fact sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it..




ITRC Sponsors and Supporters 





Go to top


The TMI Weekly

Breaches here, identity theft there and invasions of privacy everywhere... Should you be worried and, if so, how can you protect yourself? Sign up now to receive The TMI Weekly and get the latest hot topics in identity theft, data breaches and privacy and helpful information on how to protect your information.