this post was submitted on 31 Jan 2025
12 points (100.0% liked)

Privacy

520 readers
249 users here now

Protect your privacy in the digital world

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

~PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!~

  1. Be nice and no bigotry/prejudice
  2. No tankies/alt-right fascists. The former can be tolerated but the latter are banned
  3. Stay on topic
  4. Don't promote proprietary software
  5. No crypto
  6. No Xitter links (only allowed when can't fact check any other way, use xcancel)
  7. If you post news exclusive to a country please name it. ~(This isn't a bannable rule, just a recommendation!)~

Related communities

founded 2 months ago
MODERATORS
fxomt@lemm.ee
fxomt@lemmy.dbzer0.com
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
12
Digital Debit Cards? (lemmy.sdf.org)
submitted 8 hours ago by WhosMansIsThis@lemmy.sdf.org to c/privacy@lemmy.dbzer0.com
6 comments fedilink hide all child comments
 

I'm looking for some recommendations for digital debit/credit cards.

It feels like every other day there's 'the largest data breach in history' and at this point, I really don't trust any entity to safely and securely store PII.

That said, I like buying things on the internet, I'm not into crypto and would rather not include my real card information during checkout.

Any recs would be appreciated, thanks yall!

top 6 comments
sorted by: hot top controversial new old
[–] scrubbles@poptalk.scrubbles.tech 9 points 7 hours ago* (last edited 7 hours ago) (1 children)

You're right to be worried about this. I've worked in Fintech for a while, so I'll break down my current views from worst to best

Worst - Using bank information, routing checking number. Avoid this at all costs. These numbers lead directly to your money, and amcan only be changed by opening a new account. Avoid giving these out.

Debit cards. There's a thin layer separating you from your money, but debit cards are still pretty much a direct line to your money. I don't think I've used mine in years, it sits collecting dust, only used when I need money from an ATM, which I jiggle the slot for first.

Credit cards. Now there's a difference. You're using their money instead of your money to pay for things, and so they will not just let someone drain your account. Fraud is taken more seriously. You must be responsible with them, but you have many more protections. Plus if it does leak, ask for a new one.

Payment with credit cards goes swipe, chip, then tap from least safe to most protected. Tap is near impossible to intercept where swipe is pretty much cleartext. Always tap if you can.

The finally we get to tokenization, e.g. google/apple/Samsung pay or paypal. Another layer where your details aren't even passed from your device to the register, just a one time token that says "here's where you can get your money". This is currently the most secure way to pay for anything.

So I'm not directly answering your question because I would not trust an online digital credit card thing, but I'm trying to say that if you know what you're doing, you can avoid a lot of risk. If you use tap to pay or better yet google pay, you're as low of risk as you can get.

For online forms, use google pay when you can, or things like shop pay (all tokenization providers, and I trust them more than I do random shop owner), and I have a credit card with really high protections for anything I really don't trust

[–] WhosMansIsThis@lemmy.sdf.org 2 points 2 hours ago (1 children)

Good looks! Thanks for the well thought out response. I don't think I've ever used my direct baking info for anything. It always seemed like a terrible idea.

Credit card seems to be the way to go. Although, there have been some fairly recent developments in NFC exploits and I'm not sure I trust tap payments any more than swipe or chip.

I saw this a while ago. Its a little technical but still accessible

If you're not into videos, they were featured in wired

[–] scrubbles@poptalk.scrubbles.tech 1 points 1 hour ago

Even with NFC exploits tokenized is the way to go. Tokenized payments only send a unique token to the PoS. The PoS system then (and probably not the register itself but rather their systems) then take that single use token, combine it with their secrets that only they have, and pass it up to Google/Apple/whoever to actually initialize the transaction. Google Pay/Apple/Whoever then verify that they are the ones who issued the token, and that it is signed correctly with the secrets that are shared. So not only would someone have to snoop the NFC token that was transmitted, but also have hacked into the PoS system and retrieved the secrets, which is no small feat - and even then since the token is one time only they've only accessed that specific purchase. They still know nothing about you or your banking information. The token expires and can never be used again.

Tokenized pay via Google/Apple/Samsung/Whoever pay is the most secure form of adhoc payment at the moment. Tap is safer than swipe or chip, but since there's no communication to get a one time token, it requires a slightly different approach. Tldr there, if you're that worried about it, just add your card to your phone/watch.

[–] loanrangerofpeanuts@lemmy.world 8 points 7 hours ago (2 children)

I occasionally use privacy.com. They let you connect your checking/savings account and generate cards where you can set expenditure limits or make it a single use card. I’ve found it particularly useful for recurring payments.

[–] WhosMansIsThis@lemmy.sdf.org 1 points 3 hours ago

Hey thanks! I've heard that they require you to submit a copy of your drivers license in order to sign up... idk if Im comfortable with that honestly but maybe I'll give it a shot. I appreciate the recommendation!

[–] Bell@lemmy.world 3 points 7 hours ago

+1 been using privacy for over 5 years now