Personal Finance

Credit card clampdown gives shoppers holiday headache

Ben Popken
WATCH LIVE
A customer uses a credit card scanner at a Target store in Miami.
Getty Images

Last-minute holiday shoppers and gift returners, cross your fingers before you swipe.

Eager to prevent another Target style breach and clamp down on fraud, credit card companies are creating headaches for some consumers, canceling cards and denying purchases during this hectic shopping season.

The industry says it's just doing what needs to be done to protect the system when it presents the juiciest prize to fraudsters.

More from TODAY:
Remember Beanie Babies? TODAY looks at '90s craze
Clooney! Jolie! A look back at 19 of 2014's big celeb weddings
Batteries not included: 3 tips to survive Christmas Eve toy assembly

Doing some last minute shopping?  Try these apps
VIDEO3:1803:18
Doing some last minute shopping? Try these apps

"The goal of criminals is to steal as many credit cards as possible. If that's your goal, you're going to attack retailers when the busiest holiday shopping takes place," said Jason Oxman, CEO of the Electronic Transactions Association, a trade group.

To the extent more fraud checks are occurring, he said, "it's because more credit transactions are happening."

But what irks consumers most is that even their ordinary shopping behavior seems to be triggering tripwires.

Beth Waterfall-McSweeney, a 35-year old marketing manager from Rockland, Massachusetts, frequently shops online at Talbots.com. This Sunday she was trying to check out when her transaction was blocked and Bank of America texted her to say her account had been suspended. When she called to confirm her purchases and recent transaction activity, the customer service rep thanked her and as a "safety precaution" canceled her debit card and sent her a new one.

Read MoreIs it time to buy your kid a drone for Christmas?

"It was pretty annoying," she said. "I'm trying to do Christmas shopping and food shopping and don't have an ATM card."

Security experts say the credit card companies are skittish after a year of hacks, with millions of records snagged via malware-infected credit card terminals. In October, the FBI announced 519 million financial records had been stolen in the past 12 months, more than one theft for every person in America.

"Credit card companies don't really trust retailers to secure credit card data," said Eric Chiu, president of HyTrust, a computer security company. "They're ratcheting up their algorithms to detect fraud and proactively reaching out to consumers to confirm purchases."

Read MoreWatch out for these big changes to your credit cards

Ron Sadowski, marketing director at RSA, the security division of EMC, said that he's seen his customers over the past year buying beyond their budgets for encryption and fraud monitoring systems. In addition, he said, he's seen plans on the IT side for increased diligence and staffing during the busy holiday season.

Using that beefed-up technology, and incorporating reams of data collected on our behavior, there's several different ways credit card companies are tightening the noose at checkout this Christmas.

Shoppers are used to out-of-state purchases triggering a fraud alert, but banks are narrowing what they consider 'normal' billing area and normal purchase history, said Sadowski.

For instance, a pair of shoes bought a few neighborhoods over from where you usually shop could activate a text message asking you whether you authorized the activity.

This is necessary, said the Electronic Transactions Association's Oxman, because there's eastern European websites that allow criminals to search for stolen credit cards by zip code. This allows crooks to counterfeit credit cards and use them within that zip code to try to avoid fraud detection.

"That requires banks to up the algorithm," said Oxman.

Read MoreHow to protect your data? Think like a hacker

Also, the usual triggers for fraud checks are gas stations, jewelry, electronics, repeated low or high volume transactions and using self-serve kiosks. But with the fraud detection robots using ever more sophisticated models, even seemingly innocent behavior can send an alarm.

Susan Stoga, a communications professional from Illinois said her American Express was declined twice at Walgreens "for no apparent reason." Earlier that day she used it buy food at Panera Bread.

Experts say it's all part of the Christmas crackdown.

"They were caught off guard due to the scams and they're continuing to tighten up fraud controls when in the busy holiday season," said said Avivah Litan, a cybersecurity analyst at Gartner.

Another strategy involves denying an individual purchase, even if the customer has enough available credit, until they call in to verify it.

And if you were a victim of the Target, Home Depot or other retailer hacks this year, your card might be on a watch list, said Litan. Being on one of these lists could make you more likely to get a fraud alert, a transaction denied or even have your card canceled on the spot. That goes for your partner too or for anyone else who might share an account with you, she said.

While all of these techniques are meant to make shopping safer, they can also add to shopper frustrations during an already stressful time.

"It puts more burden on the consumers," said Chiu. "They're the ones bearing the brunt from all of these major breaches."

Read More

With the onus on shoppers, there are a few things harried holiday buyers can do to protect themselves and avoid nuisances at checkout.

  • Planning to travel and buy or return presents after you land? Call your credit card company and give them a heads up that you'll be making some out-of-state purchases soon.
  • If your credit card company recently reissued you a new card, cut up the old one and start using the new one. Credit card companies usually give you a few weeks to switch over but the old one is more likely to trigger a fraud alert.
  • If your card keeps getting declined and you have to call to get it operating again, you can ask your credit card company to send you a new one. That way, says Litan, they know you're starting with a fresh card and are less likely to get in your way.
  • Don't ignore fraud verification messages. Many systems can "learn" from experience. "Teach" them what is and isn't suspicious and you can decrease how frequently they annoy you.
  • And of course, there's always cash, although carrying around a big holiday wad has its own risks.