Federal law limits consumers' liability for credit card fraud to $50. But if you're a victim of fraud, it's more than likely that you'll have no out-of-pocket responsibility at all. Stolen numbers (as opposed to stolen cards) incur no liability, and most major issuers have zero liability policies anyway. See the list of issuers below.
What the law says
According to the federal Fair Credit Billing Act:
- If your credit card — the physical card — is stolen and used by a crook, your issuer can hold you responsible for up to $50 in fraudulent charges. However, if you report the card stolen before any fraudulent charges are made, you have no liability.
- If your card number is stolen but you’re still in possession of the card — which is usually the case in a data breach or hack — you’re not responsible for any fraudulent charges.
Of course, there will still be hassles involved. If you get a new card with a new number (which is standard procedure in credit card fraud cases), you'll have to update the credit card information on your online accounts. You'll also want to keep an eye on your credit report for other signs of identity theft. But you can rest assured that you won't be paying for some crook's shopping spree.
Stop fraud in its tracks
With a NerdWallet account, you can see all of your credit card activity in one place and easily access your credit report to spot any red flags quickly.
On top of the legal limits on your liability are individual issuers' policies. All of these issuers offer $0 liability on unauthorized charges:
- American Express
- Bank of America®
- Barclaycard
- Capital One
- Chase
- Citibank
- Discover
- PNC Bank
- USAA
- US Bank
- Wells Fargo
Many other, smaller issuers have zero liability policies as well. Call the number on the back of your card and ask. Or check the issuer's website.
Every issuer has a different process for investigating and resolving claims of fraudulent charges. Some move faster than others, and it’s always important to notify your issuer as soon as you know an unauthorized charge has been made. But in the end, you won’t be on the hook for much, if anything.
» MORE: How to prevent credit card fraud
Fraud liability for debit cards
If it's a debit or ATM card that's been stolen or compromised, your liability could be substantially higher than with a credit card. According to the Federal Trade Commission, your maximum liability for debit card fraud is:
- $0 if you report a physical card stolen before any charges are made, or if your account number is compromised and you report fraudulent charges within 60 days of the date on the account statement showing the charges.
- $50 if you report your card stolen within two business days of learning about the theft.
- $500 if you report your card stolen more than two business days after learning about the theft but within 60 days of your account statement date.
- Unlimited if you wait more than 60 days after your account statement is sent to you. If you dawdle, the crooks could drain all the money from your account, and possibly from linked accounts, too.
Of course, banks can provide more protection than the law requires, and many do. Check with your bank to see whether it offers reduced or even zero liability on your debit or ATM card.
