Credit agencies collect a lot of data – from your Social Security number to your utility account numbers – to develop credit reports, some of which are free for you to use whenever you want. While these reports can help you get loans, lines of credit and other products, you want to ensure the companies behind them do all they can to protect your data.
Not too long ago, we spoke about four qualities trustworthy credit agencies display, but how do you know your credit agency cares about protecting your data?
1. They use Secure Sockets Layer
Secure Sockets Layer (SSL) is a technology that creates a secure connection between your computer, smartphone or tablet and a website. For example, suppose you want to receive a free credit report from PRBC, an alternative credit agency. The company's website, PRBC.com, uses SSL. So every time you visit the site, the connection is encrypted, meaning hackers can't see what you're doing on PRBC.com.
For example, if you were to enter your email address on the website, SSL would only allow you to see the actual address. To someone else, it would look just like gibberish.
2. They're compliant with PCI DSS 3.0
Upon visiting a credit agency's website, make sure they're compliant with Payment Card Industry Data Security Standard 3.0. Although you've probably never heard of it, PCI DSS is a global standard that helps businesses process card payments securely. It defines how a company should store, deliver and process cardholder data.
Now, credit agencies don't actually complete card payments, but they do store, transmit and analyze your card information, so they have to be PCI DSS 3.0 compliant. Nine out of 10 security professionals recommend enterprises use the standard to protect their customers' data. Achieving PCI DSS 3.0 compliance is no easy task either, so if a credit agency has it, you know they've put a lot of work into securing their infrastructure.
3. They encrypt your credentials
If your credit agency allows you to view your report online by setting up an account, then it should encrypt your username and password. Encryption involves masking your login information. That means a hacker can't see what your username or password is. Look for credit agencies that use 256-bit AES encryption – that's arguably the best standard out there. You can find this information by reading the agency's security page.
4. They regularly test their infrastructure for vulnerabilities
Technology changes quickly. That means the security protocols a company put into place a year ago may not work anymore. Find a credit agency that tests their defenses on a continuous basis. These types of businesses stay ahead of hackers, finding vulnerabilities before any bad guys can take advantage of them.
Keep in mind that there's only so much a business can do to prevent your information from getting stolen. Make sure your own computer is protected by updating software regularly, installing anti-virus software and disabling automatic login settings for all of your accounts. Don't make it easy for hackers to steal your data!