Credit Card Security Add-Ons? They Help Banks, Not You

Credit card and lock isolated on white
Getty Images

Two big banks have recently been caught collecting fees for services of dubious value to customers of their credit cards.

The Consumer Financial Protection Bureau on Sept. 25 ordered U.S. Bancorp (USB) to return $48 million to 420,000 customers who held credit cards or loans with the bank. The reason? U.S. Bank had charged customers for add-on products such as identity theft protection and credit monitoring services, but the federal agency found that customers didn't receive any services from buying those products.

The CFPB took issue with the way in which U.S. Bank tried to acquire customers for those services. Rather than getting the necessary written authorization for the access to credit information that it would need to provide what it called "Privacy Guard" and "Identity Secure," U.S. Bank simply accepted inadequate enrollment paperwork and automatically started charging fees to those customers' accounts. As a result, U.S. Bank's third-party service provider wasn't able to fulfill its end of the deal, neither monitoring customers' credit nor taking action in the event of certain breaches.

In addition to the full refunds to customers, U.S. Bank will pay $9 million in penalties: $5 million to the CFPB and $4 million to the Office of the Comptroller of the Currency.

The Confusion Over Add-On Services

U.S. Bank isn't the first financial institution that the CFPB has found in violation of laws and regulations covering credit card use. In April, Bank of America (BAC) faced much broader allegations of deceptive marketing and unfair billing practices and eventually paid $727 million to customers, with 1.4 million people who faced deceptive marketing efforts receiving $268 million and the other $459 million going to 1.5 million consumers who enrolled in credit-monitoring products.

CFPB took issue with the way that Bank of America started charging customers during a 30-day review period, and the regulator criticized the misleading enrollment process and erroneous information about benefits that the bank made to potential customers. Like U.S. Bank, Bank of America didn't get the required paperwork to provide identity-protection services. Bank of America's penalty to the CFPB amounted to $20 million.

Mostly Unnecessary Services

In most cases, the monitoring services and identity-theft protection that financial institutions sell aren't necessary. For instance, free access to your credit information is federally mandated, and all you need to do to get it is to visit If you fear that you've been the victim of credit fraud, then you can request a credit security freeze that will prevent unwanted access to your credit information for third parties.

Similarly, although fraud services tout the thousands of dollars that a typical identity thief will reap from a stolen credit card, federal law limits your liability for credit card fraud to $50. Most card issuers don't even charge that much in the event of a breach. As a result, the insurance coverage will usually be largely wasted.

In the end, you need to be skeptical about most add-on services that credit card companies offer to their customers. In many cases, you'll find that the services they promise aren't worth the price you'll pay -- if the company actually provides the service at all.

You can follow Motley Fool contributorDan Caplingeron Twitter@DanCaplingeror onGoogle Plus. Heowns warrants on Bank of America. The Motley Fool recommends and owns shares of Bank of America.To read about our favorite high-yielding dividend stocks for any investor, check out our free report.