It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history. If you’ve been holding out because you’re not particularly worried about ID theft, here’s another reason to reconsider: The credit bureaus profit from selling copies of your file to others, so freezing your file also lets you deny these dinosaurs a valuable revenue stream.
Enacted in May 2018, the Economic Growth, Regulatory Relief and Consumer Protection Act rolls back some of the restrictions placed on banks in the wake of the Great Recession of the last decade. But it also includes a silver lining. Previously, states could charge a confusing range of fees for placing, temporarily thawing or lifting a credit freeze. Today, those fees no longer exist.
A security freeze essentially blocks any potential creditors from being able to view or “pull” your credit file, unless you affirmatively unfreeze or thaw your file beforehand. With a freeze in place on your credit file, ID thieves can apply for credit in your name all they want, but they will not succeed in getting new lines of credit in your name because few if any creditors will extend that credit without first being able to gauge how risky it is to loan to you (i.e., view your credit file).
And because each credit inquiry caused by a creditor has the potential to lower your credit score, the freeze also helps protect your score, which is what most lenders use to decide whether to grant you credit when you truly do want it and apply for it.
To file a freeze, consumers must contact each of the three major credit bureaus online, by phone or by mail. Here’s the updated contact information for the big three:
Online: Equifax Freeze Page
By phone: 800-685-1111
By Mail: Equifax Security Freeze
P.O. Box 105788
Atlanta, Georgia 30348-5788
By phone: 888-397-3742
By Mail: Experian Security Freeze
P.O. Box 9554, Allen, TX 75013
By Phone: 888-909-8872
By Mail: TransUnion LLC
P.O. Box 2000 Chester, PA 19016
Spouses may request freezes for each other by phone as long as they pass authentication.
The new law also makes it free to place, thaw and lift freezes for dependents under the age of 16, or for incapacitated adult family members. However, this process is not currently available online or by phone, as it requires parents/guardians to submit written documentation (“sufficient proof of authority”), such as a copy of a birth certificate and copy of a Social Security card issued by the Social Security Administration, or — in the case of an incapacitated family member — proof of power of attorney.
In addition, the law requires the big three bureaus to offer free electronic credit monitoring services to all active duty military personnel. It also changes the rules for “fraud alerts,” which currently are free but only last for 90 days. With a fraud alert on your credit file, lenders or service providers should not grant credit in your name without first contacting you to obtain your approval — by phone or whatever other method you specify when you apply for the fraud alert.
Another important change: Fraud alerts now last for one year (previously they lasted just 90 days) but consumers can renew them each year. Bear in mind, however, that while lenders and service providers are supposed to seek and obtain your approval before granting credit in your name if you have a fraud alert on your file, they’re not legally required to do this.
Having a freeze in place does nothing to prevent you from using existing lines of credit you may already have, such as credit, mortgage and bank accounts. By the same token, freezes do nothing to prevent crooks from abusing unauthorized access to these existing accounts.
According to experts, the bureaus make about $1 every time they sell access your credit file. However, a freeze on your file does nothing to prevent the bureaus from collecting information about you as a consumer — including your spending habits and preferences — and packaging, splicing and reselling that information to marketers.
When you place a freeze, each credit bureau will assign you a personal identification number (PIN) that needs to be supplied if and when you ever wish to open a new line of credit. When that time comes, consumers can temporarily thaw a freeze for a specified duration either online or by phone (see above resources). Needless to say, it’s a good idea to keep these PINs somewhere safe and reliable in the event you wish to unfreeze.
One important caveat: It’s best not to wait until the last minute before starting the freeze thawing process, which can be instantaneous or can take a few days. The easiest way to unfreeze your file for the purposes of gaining new credit is to spend a few minutes on the phone with the company from which you hope to gain the line of credit (or research the matter online) to see which credit bureau they rely upon for credit checks. It will most likely be one of the major bureaus. Once you know which bureau the creditor uses, contact that bureau either via phone or online and supply the PIN they gave you when you froze your credit file with them. The thawing process should not take more than 24 hours, but hiccups in the thawing process sometimes make things take longer.
CREDIT LOCKS AND CREDIT MONITORING
All three big bureaus tout their “credit lock” services as an easier and faster alternative to freezes — mainly because these alternatives aren’t as disruptive to their bottom lines. According to a recent post by CreditKarma.com, consumers can use these services to quickly lock or unlock access to credit inquiries, although some bureaus can take up to 48 hours. In contrast, they can take up to five business days to act on a freeze request, although in my experience the automated freeze process via the bureaus’ freeze sites has been more or less instantaneous (assuming the request actually goes through).
TransUnion and Equifax both offer free credit lock services, while Experian’s is free for 30 days and $19.99 for each additional month. However, TransUnion says those who take advantage of their free lock service agree to receive targeted marketing offers. What’s more, TransUnion also pushes consumers who sign up for its free lock service to subscribe to its “premium” lock services for a monthly fee with a perpetual auto-renewal.
Unsurprisingly, the bureaus’ use of the term credit lock has confused many consumers; this was almost certainly by design. But here’s one basic fact consumers should keep in mind about these lock services: Unlike freezes, locks are not governed by any law, meaning that the credit bureaus can change the terms of these arrangements when and if it suits them to do so.
If you have already signed up for credit monitoring services, placing a freeze on your file should not impact those services. However, it is generally not possible to sign up for new credit monitoring services once a freeze is in place. So if you wish to avail yourself of credit monitoring, it’s best to sign up before placing a freeze.
Many consumers erroneously believe that credit monitoring services will protect them from identity thieves. In truth, despite incessant marketing by the bureaus and others to the contrary, these services do not prevent thieves from using your identity to open new lines of credit, or from damaging your good name for years to come in the process. The most you can hope for is that credit monitoring services will alert you soon after an ID thief does steal your identity.
Credit monitoring services are principally useful in helping consumers recover from identity theft. Doing so often requires dozens of hours writing and mailing letters, and spending time on the phone contacting creditors and credit bureaus to straighten out the mess. In cases where identity theft leads to prosecution for crimes committed in your name by an ID thief, you may incur legal costs as well. Most of these services offer to reimburse you up to a certain amount for out-of-pocket expenses related to those efforts. But a better solution is to prevent thieves from stealing your identity in the first place by placing a freeze.
WHAT ELSE SHOULD YOU DO?
Freezing your credit file at the big three bureaus is a great start, but ID thieves can and do abuse other parts of the credit system to wreak havoc on consumers. Beyond the big three bureaus, Innovis is a distant fourth bureau that some entities use to check consumer creditworthiness. Fortunately, filing a freeze with Innovis also is free and relatively painless.
In addition, many wireless phone companies currently check consumer credit using a little-known credit reporting bureau operated by Equifax called the National Consumer Telecommunications and Utilities Exchange (NCTUE). Freezing your credit with Equifax won’t necessarily block inquiries to the NCTUE, but fortunately the NCTUE also offers a freeze process, as detailed in this story.
It’s a good idea to periodically order a free copy of your credit report. There are several forms of identity theft that probably will not be blocked by a freeze. But neither will they be blocked by a fraud alert or a credit lock. That’s why it’s so important to regularly review your credit file with the major bureaus for any signs of unauthorized activity.
By law, each of the three major credit reporting bureaus must provide a free copy of your credit report each year — but only if you request it via the government-mandated site annualcreditreport.com. The best way to take advantage of this right is to make a notation in your calendar to request a copy of your report every 120 days, to review the report and to report any inaccuracies or questionable entries when and if you spot them. Avoid other sites that offer “free” credit reports and then try to trick you into signing up for something else.
According to the Federal Trade Commission, having a freeze in place should not affect a consumer’s ability to obtain copies of their credit report from annualcreditreport.com.
It’s also a good idea to notify a company called ChexSystems to keep an eye out for fraud committed in your name. Thousands of banks rely on ChexSystems to verify customers that are requesting new checking and savings accounts, and ChexSystems lets consumers place a security alert on their credit data to make it more difficult for ID thieves to fraudulently obtain checking and savings accounts. For more information on doing that with ChexSystems, see this link.
Finally, ID thieves like to intercept offers of new credit and insurance sent via postal mail, so it’s a good idea to opt out of pre-approved credit offers. If you decide that you don’t want to receive prescreened offers of credit and insurance, you have two choices: You can opt out of receiving them for five years or opt out of receiving them permanently.
To opt out for five years: Call toll-free 1-888-5-OPT-OUT (1-888-567-8688) or visit optoutprescreen.com. The phone number and website are operated by the major consumer reporting companies. To complete your request for a permanent opt-out, you must return the signed Permanent Opt-Out Election form provided after you initiate your online request.