Barnes & Noble security breach shows why we shouldn't pay with debit cards

Credit card being swiped through a card reader

A security breach at Barnes & Noble stores is a grave reminder of why you should never use debit cards to make retail purchases. Ever.

Cashiers routinely instructed customers to swipe their credit or debit card through keypads placed in front of the registers.

Then thieves broke into those "point-of-sale" card readers at 63 Barnes & Noble bookstores in nine states.

Barnes & Noble didn’t disclose how the breach occurred, but according to a press release, the hackers installed malware on the devices to grab the card numbers and PINs as customers typed them in.

Once thieves have that info for a debit card, they have everything they need to drain a checking account.

If your credit card is stolen, you’re liable for no more than $50 worth of fraudulent charges.

If your debit card is stolen, you could lose a lot more, depending on how long it takes you to discover and report the unauthorized use.

If you do so immediately, you're still only liable for $50.

But wait more than two days, and that number jumps to $500. Wait until 60 days after the statement on which the fraud appears is mailed to you, and you're liable for every cent in your bank account plus any unused line of credit you may have set up to cover overdrafts.

Now, many banks will match the same protections as credit cards, but by law, banks aren't required to.

Even if you report the fraud in a timely fashion and your bank reimburses you, you could be without access to your checking account and the cash you need to pay your bills for some time.

It’s just not worth it.

When making purchases at a retail store, stick with a credit card.

If you don’t use credit cards because you’re paying off debt, or just don’t like buying on credit, then pay with cold, hard cash. It’s the only real way to protect your bank account.

And if you absolutely must pay with a debit card because it’s the only thing you have on hand, make sure you’re handing your card to a real, live human being and not relying on a self-pay system.

A Barnes & Noble spokesperson said the swipe-it-yourself keypads have been removed from all of their bookstores.

I can see why. It’s just too easy for someone to hack into the system or slip a skimmer onto the machine and take you for all you’ve got.