It's the banks problem, to be frank. If you're in the US, your liability for fraud is capped by law at $50 per card.
Temporary card numbers are awesome. Some CC providers give you one, otherwise you can use a service like privacy.com. You can also pay for things in crypto and keep only a limited amount of crypto in your browser-based wallet or do multi-sig so you have to approve transactions from two different devices. This can help minimize loss from an attack.
If you have malware on the machine it could just steal it when you use it the next time.
I don't think that is encrypted at all. Just like your passwords and cookies, they aren't either.
I don't. But even if I did, I wouldn't have much use for it as I use single-use debit cards generated via my bank app or TatraPay (my bank's instant method of QR code payments) if the merchant has that option. I just wish there was a universal method for instant QR code payments. It's pretty convenient.
I simply do not use this feature.
Firefox
A place to discuss the news and latest developments on the open-source browser Firefox