“Loose” approach to credit card security