Editor's note: As the new college year revs up, Consumer Reports Money Blog devotes several days to the personal finance issues of college students. Here, Laura Veith, one of our college-age summer interns, muses on what she's learned about debit-card management:

There are many things I’ve learned about my personal finances since leaving the comfort of my parents' house. One of these is that a debit card is not invincible. Thankfully, I have never lost my debit card nor been a victim of debit-card fraud. But with issues arising in a greater frequency regarding debit cards, I wish I initially knew about the complications associated with the plastic in my purse. However, through my own personal experience and the opportunity to work at Consumer Reports, I feel that I have a better grasp of the perils of debit cards. The tips I have gathered below are a good start to the essential information that every teenager or new debit card owner should know.

For one, I have learned to monitor my debit card statements electronically. Though it may seem extreme, I like to check my balance every two days or so. That frequency may increase on days when I have made many purchases, such as at the beginning of the school year when I am responsible for buying books and other school essentials. I may check less frequently at other times. Either way, I think careful scrutiny of your account is the best preventive measure. Also, electronic statements are quick, easier to read than mailed statements, and a great way to stay on top of your expenditures.

My work here at Consumer Reports has taught me other helpful ways to protect my debit card. First, Consumer Reports Money Adviser has suggested that consumers not type in their PINs at the gas pump because it allows easier retrieval of your PIN. Who knew! After reading that article, I have started following those instructions and tell my friends to do the same. With all the horror stories about debit cards floating around, this simple alternative makes me feel more secure.

Second, I learned when to report a missing card or fraudulent purchase. One time during school I lost my debit card. I went on a panicked search for it and when it was nowhere to be found, I informed my parents. I didn’t inform the bank right away because I hoped it would turn up. Sure enough, it did. However, I wouldn’t have known what to do at the time if it went missing. This summer, four years after my receiving a debit card, CRMA taught me the proper procedure: Report any errors or issues with your debit card within two days of noticing the loss. In this time frame, a debit card user has a greater chance of combating the problem. 

Although these helpful suggestions led me on the path to understanding the security of debit cards better, I still wish I knew more. There are probably stacks of written material regarding this issue that I just haven’t found the time to look through yet. But I think my experience through mistakes–and working at Consumer Reports–provided a solid start.

Laura Veith is a junior at the University of Michigan, majoring in English.

Banks in the U.S. have put the burden on others to deal with credit- and debit-card identity theft, rather than spend the money for more effective measures used in Europe, one prominent expert told us yesterday. As a result, we could continue to experience more ID thefts like the heist of 130 million credit- and debit-card names reported earlier this week. That’s not the kind of crime that’s easy for consumers to prevent. But here are a couple of tips for what consumers CAN do.

• To determine if your card could have been among those that were compromised, monitor your accounts carefully to spot signs of unauthorized purchases or withdrawals.  Don't wait until you receive notice from your bank. Banks typically will notify you that you’re a possible data breach victim only after their fraud detection system has detected a signal indicating fraud, says Avivah Litan, an analyst specializing in fraud detection and prevention at Gartner Research in Stanford, Ct. But fraud detection systems are designed to alert card issuers when a pattern of transactions that are out of character occur,  and to avoid sending too many “false positive”  signals,  they may not transmit warning signals until after one or two unusual transactions have already occurred. 

• At a minimum, check monthly credit card and bank account statements as soon as they arrive. If you have online access,  you might want to check your bank account more often to immediately spot questionable debit charges or cash withdrawals.

• When using plastic, opt for the choices that give you the greatest protection. If thieves steal data transmitted by your card when you’re making a transaction, you’ll have greater protection and less hassle in resolving fraud-related problems if you use a credit card rather than a debit card.  When you do choose debit,  sign for your transaction rather than typing in your PIN.–Andrea Rock

As we reported previously, criminals have become increasingly adept at hacking computer systems at banks, data processors and other links in the financial chain to steal consumers’ credit and debit card data en masse.

The latest in a string of such data breaches is the report this week that charges have been filed against a team of cyber-criminals who stole more than 130 million credit and debit card numbers used by customers whose card charges were processed via computer networks operated by Heartland Payment Systems, and/or made purchases at 7-Eleven, Hannaford Brothers supermarkets and other retailers 

Another major breach disclosed in late July revealed that personal and financial data for nearly 600,000 credit and debit cardholders was stolen by hackers who intercepted financial transactions of customers making purchases from online merchants whose websites were hosted by Network Solutions, a company that provides such services for more than 10,000 small retailers nationwide. The card data was stolen during the period from March 12 through June 8, 2009.

There’s not much consumers can do to guard against such large-scale data breaches, but there’s plenty that U.S. card issuers could be doing but aren’t to prevent this kind of cyber-theft, according to Avivah Litan, an analyst specializing in fraud detection and prevention at Gartner Research in Stanford, Ct.  

Cards carrying magnetic stripes encoded with customers’ account information are still the standard in this country, but card issuers in European nations and a growing number of other countries throughout the world have switched to cards that rely on the much safer “chip and PIN” system.  To make a purchase or withdraw cash using these “smart cards”, a thief would actually have to have the chip that is embedded your card which contains a mini computer processor linked to your account information.  Some smart card transactions also may require a personal identification number. 

“If everyone were on the chip and PIN system, criminals wouldn’t be able to just steal what they need from computer servers,” says Litan.  “The U.S. banks have resisted switching to chip and PIN because they don’t want to spend the money, so instead they’ve gotten retailers and payment processors to spend more than $2 billion on upgrading their security to meet card industry standards. But  that’s a Band-Aid security solution that is clearly not working.  U.S. issuers need to bite the bullet and switch to chip and PIN.”–Andrea Rock

With a federal credit of up to $4,500, the "cash for clunkers" program is providing a big incentive for consumers to trade in their gas guzzlers for the purchase or lease of a new fuel-efficient vehicle. But don’t let all the excitement leave you paying too much, choosing a car you really don’t want, or even ending up victimized.

• Watch for scams. The Better Business Bureau reports that even before the Car Allowance Rebate System (CARS) was passed by Congress, federal authorities found Web sites soliciting consumer names, addresses and Social Security numbers, all on the pretext of registering people for the program. That information could be used to steal your identity or apply for credit in your name. Keep in mind that you don’t need to register or obtain a voucher. A CARS participating dealer will do all the necessary paperwork for you. 

• Avoid contingency agreements. The U.S. Department of Transportation’s CARS Web site is advising car buyers not to asign so-called contingency agreements, promising to reimburse the dealer if the federal government rejects the credit for their purchase. Some dealers are asking customers to sign such a promise, the agency said. Also, dealers must allow you to take your new car immediately. Some are holding onto the vehicle until the CARS application is approved..

• Don't pay too much. Seeing growing demand and smaller vehicle inventories, dealers may resist consumers who attempt to negotiate great deals. That’s especially likely once the CARS program again begins running out of money. Estimates are that current funding should last through Labor Day. 

To make sure you’re getting a good deal, discover the available incentives and even find what other buyers are paying. Consumer Reports car price reports and new car buying kits can provide detailed pricing information to empower negotiations, including dealer holdback, hidden dealer incentives, and rebates. The free TrueCar site provides recommendations for good and great prices based on what others are paying for specific models nationally, regionally, and in your local area.

• Don't buy a bad car. Finally, don’t let the prospect of a CARS credit pressure you to settle for a vehicle you don’t really want. That might happen as inventories for the most reliable, fuel-efficient, and top-rated vehicles decline because of CARS-driven demand. If necessary, forget the credit and wait until a dealer has something worth owning or leasing. It may be a short wait, as 2010 models are arriving this month. As demand declines after the CARS program ends, there should be plenty of good deals to compensate.

For more information about the program, visit the CARS Web site or Consumer Reports Cash for Clunkers resource center.–Anthony Giorgianni

In my last blog, I mentioned the potential demise of the current paid fraud alert system, courtesy of a U.S. District Court ruling prohibiting commercial entities from placing fraud alerts on credit reports for paying customers. As we’ve reported, consumers can place those alerts themselves for free, though those alerts aren’t always enough to stop fraud.

Debix is one such company that’s agreed to stop placing such fraud alerts. But in its place, the company has come up with a better mousetrap, for a fee, that may well be worth the money.

Debix’s current system relies on fraud alerts as a “trigger.” When a prospective lender sees the fraud alert, the lender is supposed to call you through the Debix phone system, which gives you an authorization signal (so you know the call is legitimate), and informs you that someone is applying for a loan in your name. The lender then asks you to push the appropriate button on your phone to indicate whether the loan application is legitimate. If it’s not, a Debix investigator gets on the phone, conferences in the lender, and gathers information about the fraudulent application, including names, addresses, and description of the crook applying for the loan.

A recently released report on data breaches indicates that organized crime has fueled a big increase in the hacking of records of banks and other financial service providers. The report says thieves are becoming increasingly successful at stealing PIN numbers that allow them to drain cash from cardholders’ checking, savings or brokerage accounts.

The 2009 Data Breach Investigations Report is based on firsthand evidence collected during breach investigations conducted by Verizon Business.  A total of 285 million electronic records were breached in 2008—more than the previous four years combined—with banks and brokerages accounting for 93 percent of the compromised records.  “Financial services firms were singled out and fell victim to some very determined, very sophisticated and—unfortunately--very successful attacks,” the report notes.

Organized crime has developed new tools for hacking computer systems at banks, data processors and other links in the financial chain to steal what has become the Holy Grail for thieves:  PIN data on ATM and debit cards. Thieves no longer are very interested in stealing magnetic-stripe information from credit cards. Massive data breaches have increased the supply so dramatically that the black market price has dropped from as much as $16 per stolen credit card record in mid-2007 to less than 50 cents now, Verizon investigators say.

That ubiquitous yet mysterious barcoded label found on almost every consumer product imaginable turned 35 years old this week. The Universal Product Code, or UPC, as it’s known, has been around so long that many of us have forgotten how grocery clerks, for example, used to press numeric keys on an actual mechanical cash register to painstakingly ring up product prices. I can still remember the metallic crescendo the adding machine played when the cashier tallied the order total.

I also recall the widespread concern that accompanied the debut of all those cryptic lines. Many skeptical consumers worried about pricing accuracy and complained that the speedy scanners worked so fast it was almost impossible to make sure the prices were on target. 

With the April 15 tax deadline looming, I thought I’d share my own timely tale as the victim of identity theft, an ordeal that began 13 months ago when I tried to file my 2007 Federal tax return online only to have it rejected because some fraudster beat me to the punch.