Very useful - my citibank credit card used to have a feature like this many years ago (I believe called "virtual card numbers"), but they got rid of it for some reason.
Though I am more likely to give my personal details to citibank than some startup. Trust is a big issue with payment startups.
> STEP TWO
When you check out on any website, the Privacy icon will appear in the card form.
Click it to create a new card, and auto-fill the card form. Use any name and billing address you like.
> STEP THREE
After the card is charged, we withdraw the money from your chosen funding account, similar to a debit card.
Not sure I get this. Do you have to fund an account on Privacy.com? So it's like a Paypal where you generate a new payer name every time you pay for some other service with it?
> Sensitive information is encrypted using a split-key encryption with partial keys held by separate employees, meaning no one can decrypt your data; not even us.
Umm. Pretty sure that giving your employees the ability to decrypt my data means that "you" can decrypt it.
According to your other answers and the website, they don't need to "fund an account on privacy.com". Rather, they connect it to an existing bank account.
Well, technically they can but a split key system is a PCI-DSS requirement. The advantage is that no single employee can gain access to sensitive data - they would have to collude with each providing their key to decrypt any data.
It is mainly designed to prevent employees from selling off sensitive data, but I think in practice with the right audit controls it's pretty effective.
I guess if there was a system in place where the two employees didn't know who the other employee was then it would mitigate risk.
Makes me wonder what sort of auditing system could be used that guarantees total transparency around when the keys are requested by both parties, by whom and for what reason without disclosing the employees? More interestingly I'd be really interested in a system that ensured that nobody knew who the two employees were but the keys could still retrieved.
Then on top of this it would awesome to have a way of revoking keys.
Probably impossible, but that would be the ultimate in security!
Hey HN - Privacy.com co-founder here. I'm really excited to share what we've been working on for the past year and a half or so.
We've been neck-deep in payments stuff on the card issuing side (getting a BIN sponsor, ACH origination, etc), so happy to answer any questions on that front as well.
P.S. For new users, your first $5 donation to watsi.org is on us :)
Thank you! We do have to abide by US AML / KYC laws as we are working with a sponsoring bank. We plan on releasing transparency reports on a regular basis.
Do the anti-fungibility regulations and/or your sponsored relationship require you to preemptively submit your transaction information (eg card#->bank# mapping) for surveillance, or only in response to a specific court order? If the latter, what is your retention period?
Do you have any plans to add batching+noise to foil global passive adversaries? For example, I opt to keep a running balance target of ~$50 and today's charge for $34.56 is debited as $31.37 a week later.
Many virtual cards before you have ran into issues of being flagged as prepaid or single use cards and having their BINs blacklisted by merchants. How will you be combatting this?
There's a lengthier answer to this, but long story short, yes we're aware of a lot of the common pitfalls. A big part of the challenge comes down to limiting abuse on the cards (which we're planning to do).
>ran into issues of being flagged as prepaid or single use cards
I generate Citi's virtual credit card numbers every month for numerous online shopping payments and I haven't run into issues.
It seems that it's not possible to determine if a card is a virtual number by parsing the digits.[1] Do you have other information stating that merchants know how to reject virtual cc numbers?
Citi and BOA get away with it because they can allocate out of a large pool of BIN numbers that are otherwise regular use debit/credit cards. These guys will have to figure out how to get a similar "mix" to avoid being flagged as prepaid/single use. This was the issue that ultimately caused PayPal to kill the service they had that was almost exactly the same as Privacy.com.
> will have to figure out how to get a similar "mix" to avoid being flagged as prepaid/single use. This was the issue that ultimately caused PayPal to kill the service
That's fascinating. Perhaps PayPal killed it for multiple reasons because the (possibly biased) answer from a PayPal said not enough people were using it: "The one-time card numbers -- technically they were MasterCard virtual debit card numbers -- were discontinued as a public user-facing feature because they were not generating sufficient transaction volume and revenue to warrant further development."
If a lot of merchants were flagging and rejecting transactions from Paypal's virtual CC BIN numbers, that would prevent people from using it very often, leading to "not generating sufficient tx volume", right?
I’m working on an idea that will need to pay hundreds of vendors for the services they perform for our customers. We want to pay the vendors electronically where possible so having unique card numbers for each vendor would be a great thing.
After looking at Privacy.com I want to take it a step further by generating a unique card number for each of our customers. We’d need higher spending limits and the ability to manage the cards via API. Other than that, what you’ve built sounds like a perfect fit for our use case.
Existing virtual card services have me covered on the virtual card front - both cost and (limited) privacy. I want something that gets me past the virtual card + AVS issue. All the virtual card providers seem to suck on this front...
No card issuer is going to verify a transaction of any significant value without AVS. AVS dropped fraud rates on card-not-present transactions dramatically, and it'd skyrocket without it.
>No card issuer is going to verify a transaction of any significant value without AVS
irl, Card acquirers do verify transactions without AVS, but they charge higher provided the merchant can demonstrate pre-transaction fraud mitigation
>AVS dropped fraud rates on card-not-present transactions dramatically, and it'd skyrocket without it.
AVS was less than moderately effective 6-7 years back, but it's less effective now, almost not at all. Most "researchers" have the card dumps with the addresses already so AVS does nothing to decrease the attack surface. Pre-transaction approval risk mitigation and post transaction fraud review is the only thing that works.
AVS doesn't deny anything. Its a status code returned on the auth. Its up to the merchant to reverse the auth if AVS data shows it doesn't match(Exact Address,Zip Code, CVV) or send the auth off for settlement. Merchant has almost no recourse if transaction is marked as fraud and the AVS doesn't match.
It may be up to the merchant, technically, but in reality systems such as Authorize.Net allow you to configure it at the gateway to reject transactions based on various AVS criteria. Many of my clients also only allow shipping to the AVS verified billing address as a way to weed out much of the fraud. For many products, only allowing shipping to the billing address is a reasonable restriction.
Say there are 3E9 people on Earth, each with 3 cards. That's around 10 digits right there. There's 1 digit for checksum. I imagine you'd want to leave space for least 1000 financial institutions around the world, so that's another 4 digits. Which means you can only have 100 transactions per person.
None of this takes into account the fact that the same people are issued way more than 3 card numbers either.
So my question is, how are we not close to running out of card numbers? How is this not even a problem yet?
The short answer is that, in theory, we are running out. It's kept in check now by some amount of BIN & account number recycling by financial institutions.
I don't believe we are that close to running out though, are we?
Using the number scheme, this person calculated^1 that (assuming Amex starts issuing 16 digit cards) there would be 3*10^14 + 10^11 or 4.001e+14 possible combinations.
This actually wouldn't be much of a problem for privacy because they could just have x different cards and cycle them through and just keep very good books on who got what.
It averages out. The people who do have credit cards are issued far, far more than 3 numbers in their lifetime due to cards expiring/being cancelled, promotional offers etc. I myself have had something like 10-15 different card numbers in the past 10 years, without actually trying.
I have one question: how? How can you fund my card at the time of payment, if you get my money through a wire transfer? By the time the money arrives, the merchant will have cancelled my purchase, no?
Fool! This "modern web" you speak of is nothing without me browsing it. It is not I who am missing out! Nay! It is the "modern web" that is diminished by my non-browsing of it!
They are punishing themselves! Why!?
No matter. I shall browse on, without Javascript, safe in the certitude that I am only missing the content of people too foolish, ignorant, or uncaring to use HTML and CSS properly.
Privacy.com. Don't let them track you. I open it to find a totally blank page asking me to turn on malicious, surveillance-loving, code execution to view ("we promise") good content.
(sighs)
And, to "modern web requires Javascript" critics, modern life expects credit, web surveillance, Facebook, etc. That doesn't mean you have to support or force it on others. Let's look at it really quick to see if a HTML4 w/ CSS site could've handle it. Yep, we did more interesting stuff back in the "DHTML" days (eg dynamicdrive.com). So, it's a privacy site pushing risky, higher-overhead crap on us just for fun. Hypocrites.
Alright, now let's look at the security. I should eliminate stealing a specific card or using malware on the machine to forge transactions. These are main attack vectors. Might mitigate the first. Looks like it will be vulnerable to the second. Admittedly, most methods are vulnerable to the second and those that aren't stay niche due to "inconvenience." So, still could be value in mass market where people get compromised anyway but want to knock out a common attack. The third risk is an unknown with some of the claims looking good on paper but to abstract to evaluate.
Note: The split-keys between employees part on the security page is funny. It's a banking control for sure. I'll just let your imaginations work out how little protection it brings from hackers, management, or the government. ;)
Considering someone wanted 4 mil for [my fairy common first name].com a few months back when I was trying to get it, since I noticed that it has been parked for a while after the other guy who ran a neglected personal blog on it for years would never answer my emails, I would estimate quite a lot.
What, if any, data do you have to report to authorities or central databases by default, i.e. without receiving a specific warrant? Is there anything in that class you are not allowed to mention (but may be allowed to mention insofar as answering this question in the affirmative)?
With a name like Privacy.com I was hoping to see your use of Google Analytics visitor tracking in your privacy policy: https://privacy.com/#privacy-policy
It isn't there, and disclosing it is mandatory under the Google Analytics T&C's (Section 7 here, it's crystal clear with the language "You must..." https://www.google.com/analytics/terms/us.html )
Can you please add it to your privacy policy? It's one of the first things privacy-conscious users look for when evaluating a website or service.
Seems like you guys could partner with companies like "Coin" - https://onlycoin.com/ - having "soft" physical credit cards with dynamically issued numbers would be crazy.
The stop subscriptions aspect really stood out to me, I had to spend 40 minutes on the phone with that darn company to get things canceled, even though I only used it for one day for an hour.
It's important to remember that just cancelling a payment method doesn't necessarily mean you're unsubscribed. If you're still getting a service, you're still on the hook for paying for it one way or another.
If this is true, then Privacy.com doesn't resolve this obligation. The temporary card number won't be chargeable by the merchant, but you'd still be on the hook for the renewed (and unpaid) service.
It certainly changes the burden of notification. A company can setup many hoops for canceling, forcing you to go through some asinine phone tree and drone script to stop charges to your card. Whereas lacking an established payment channel, they can no longer play dumb if you eg send them a simple email to cancel.
If you signed up online, the company must provide a way to cancel online per visa rules. Check their TOS, they probably list a way to cancel online via email or whatever.
Got a citation on this? I'd love for it to be true, since it'll save me a lot of effort. But WSJ, for instance, requires you to cancel via phone even if you sign up online.
Nice find. From some other quick research, if there is a violation, you have to report it to Visa via phone or mail.
Looks like they used to have an online form a several years ago, but it went missing. Various blog/forum posts indicate that most people have had no luck getting any sort of response from Visa via mail.
Unfortunately it probably won't happen for awhile :(. We're a free service, and make money off the interchange from issuing these cards. Amex and high points cards are really expensive to accept funding from.
Any way this works without a browser extension? I'm assuming such an extension has full access to every single page in order to do its job, which is a huge security risk. You don't need to be reading my emails or passwords.
It does :), you can create directly from your dashboard without an extension. The current onboarding flow pushes you towards creating a card first, but we'll patch that.
Good to hear! Bring this to Europe and I can see it being very popular, credit cards aren't as common or easy to get here and ordering outside of your local country often requires one. I imagine that's still a long way away though :).
Credit cards are hard to get in Europe? If you are talking about cards with credit line, sure, but debit/prepaid cards are pretty easy to get (e.g. Number26, Monese, Revolut, Fidor etc).
I understand why you need it, and I want this service in a big way, but I'm just baulking at giving you my online banking username and password. Why should I trust you with that?
Don't think they ask for banking username and password. They only state they will directly debit it from your account, which does not require sharing your bank credentials. All you probably need is a one time authorization for them to be able to debit.
In my experience, bank logins are used for instant verification of funding. For example, Robinhood uses it likely to verify legitimate users for its $1000 instant funding service.
How's that article relevant? It's the typical Krebs "IRS sucks" piece with some intuit mixed in, because apparently even fraudsters - doing potentially hundreds of filings a day - think that turbotax is the most convenient way of filing your taxes.
Services like Mint, Personal Capital, MoneyWiz, etc don't directly store or use your banking login, they pay to go through secure, well-known services like Yodlee http://www.yodlee.com
Is privacy.com actually asking for bank logins, or just your bank account number/routing? In either case, it is nothing new or uniquely scary about this service. If you're not comfortable with this, then there really aren't any third-party online banking apps you are going to be comfortable with anyway.
Totally understand it's sensitive, and it's cool if you're not ready to trust us with that yet. That's something that we plan to earn and don't take for granted. Eventually we do plan to allow debit card funding.
Didn't realize you require login & pass to bank (registration didn't work on windows phone).
While that's common in Germany, in Poland giving your login & passto 3rd party means that bank has no responsibility for any loss/fraud/anything if something goes wrong for whatever reason. This is breaching the term with the bank, that your login and password are confidential.
In Poland a oauth like alternative for payments is used, where you end up on your bank website to confirm payment and then you go back to the merchant.
That would make sense :)
Anyway, I checked my bank agreement (page 15...)
> You agree to: 1) keep your password secure and strictly confidential, providing it only to authorized signers on your account(s);
2) instruct each person to whom you give your
password that he or she is not to disclose it to any unauthorized
person; and
3) immediately notify us and select a new password
if you believe your password may have become known to an
unauthorized person. We may suspend or cancel your password
even without receiving such notice from you, if we suspect your
password is being used in an unauthorized or fraudulent manner
There's a startup building an API layer for banks that would make this better. The name has slipped my mind right now, but perhaps someone will know. IIRC it is about replacing ACH entirely.
I wish banks would offer something like OAuth - a service-specific, revokable credential with access only to the stuff it needs. I'd be a lot more inclined to use a product like Mint, for example, if I could grant it ONLY read access to my transactions and I knew I could revoke that access at any time without having to change my primary credentials or disrupt any other services/apps I have connected.
ABA/DDA are inherently less secure than online access credentials. An account can be directly debited if ABA/DDA are compromised, and they cannot be rotated without closing the account. Plaid tokenizes all this to avoid any potential issues -- and further, if credentials are somehow compromised they can be rotated very easily.
I have never understood that argument, I've heard it many times though.
You would freely give out the private key of your credit card (credit card number/expiry date/cvv) to any online merchant, but hesitate on authing your bank account user/pass which you can change anytime you want?
damn. I've been wanting a service like this for a very long time. Not just for privacy of security, but hopefully so that if my banking or real credit card information changes I could just go to one place to make all my updates.
My biggest question with Privacy, and of any one-time use credit card numbers service, is always:
Will it affect my rewards? Will businesses still show up unaffected with the same categories on my credit card statement? (I have a travel rewards only card, so breaking the rewards flow is a deal-breaker for using a higher level service.)
Edit: I misunderstood the service as being able to be layered on top of normal credit cards. It looks like the funding source is only bank accounts for now. Still my question remains if building on credit or debit cards is on the roadmap.
Edit 2: They are one-time use numbers, right? "Use at merchants" (plural) seems to possibly imply otherwise.
> What happens when I generate a new Privacy card?
> We'll give you a random 16-digit Visa card number that you can use at merchants that accept Visa debit cards...
Edit 3: It sounds like the business model results in keeping the money that would go to rewards on a normal card.
> How do you make money?
> Every time you spend using a Privacy card, the merchant or website pays a fee (called interchange) to Visa and the issuing bank. This fee is shared with us. We have some premium features planned, but rest assured, our core virtual card product will always be free and we will never sell your personal data.
Debit cards are something we're looking towards in the near term, credit cards probably will have to be a premium feature (due to how we make money right now).
The numbers can be one-time use (burners) or re-usable at the same merchant.
No, since the ability to limit the amount and the expiration date as well as the ability to close a number at will is immensely useful on its own. (Citi lets you do all of those.)
I can't use this right now because all of my spending goes on a rewards credit card, but if you offered credit card support as a premium feature I'd be signed up in a second. I hope to see that feature soon!
Don't you see that rewards tracking is actually the antithesis of this service?
That's what those "free" rewards really are...getting more detailed information on your spending patterns and profile so they can resell that info to interested parties.
>If you have a loyalty card or shop online, the supermarkets will build up a demographic profile of you, and collect data about how loyal you are, what you buy and how much you spend, says Guy Montague-Jones of The Grocer.
This is how retail in America works now: collect data, adjust to fit.
As others pointed out with the % splitting, I'm not sure that I agree.
A credit card company could collect spending information and resell it for all cardholders, not just those holding cards having good rewards.
Perhaps this is naive and instead more valuable customers (based on spending more money annually or having a higher credit score to qualify for the card in the first place) have their information sold more, but privacy and reward programs seem like orthogonal aspects of the business to me.
It's an interesting idea. However, I'm not comfortable with a third party having all that information. Some banks issue "corporate" cards, with numerous "employee" cards. I already trust the bank, after all. So what else does Privacy.com provide that's worth the risk? They're still subject to KYC, right? So there's no strong privacy. Or am I missing something?
We are still subject to US AML / KYC laws. But the cool thing about these cards is you can use any name or billing info you want with them, so don't have to worry about your info getting leaked if some website you bought an indie game / song / whatever from 6 months ago got hacked.
OK, so that would have protected Ashley Madison users. Because none of the likely interested parties (partners, private investigators, etc) would have leverage to get information from you. Same for users buying porn, unless they get investigated for child porn. That's not a KYC issue, but there will be a subpoena. And I'm assuming that you must comply with all subpoenas.
Edit: I wonder what your burden would be in bankruptcy cases.
Ashley Madison and porn users are easy targets. But broadly-speaking, we just think you just shouldn't have to share your personal info with a random merchant you want to buy something from.
It's anti-privacy in the guise of being anti-fraud.
Still, users arguably need to trust you more than they trust traditional credit card companies. But it's about the same as PayPal, I guess. They often do have access to users' bank accounts.
So anyway, I get the point. It's a useful service.
Really though, isn't something like the apple pay system a better way? You don't risk getting flagged as a prepaid card and reject, you aren't giving out your data.
I like this, especially the repudiating of the privacy-hostile billing name/address voodoo. But I'd worry about forgoing the traditional protection of credit card chargebacks, and having to rely on debit card terms and direct ACH.
We make chargebacks just as easy. There's a button you can click next to the transaction that will initiate the dispute process - we'll deposit the funds back in your primary funding account and follow up with you, then resolve with the merchant. You're also covered under Visa's zero liability policy.
Sure, but an unauthorized charge is a clear cut case. I'm talking about an authorized charge from a merchant who is later uncooperative for whatever reason. I would think that a longstanding credit card company would have a more account-holder-friendly dispute process, but perhaps this is just a perception you have to overcome. Furthermore with a credit card one never loses the money until they decide to transfer it, regardless of company policies.
It would be better if this were more clearly visible, especially to non-US IPs. I don't want to create an account to discover that the service only works in one specific country and with a specific list of banks.
I accept that disabling JavaScript is generally a losing battle, but it specifically irks me when the website of a privacy-centric service is just completely blank if you don't have JavaScript enabled. Of all 30 people out there browsing without JavaScript, it seems like they have an elevated chance of all wanting to learn about this service, and I find myself moderately discouraged from trying it by this issue.
You're right. We should've done a better job with this. It was a trade-off and we decided against, but we should done a better job communicating it. Hopefully you can enable Javascript for us and give it a shot :).
"Never forget the cancel one of those pesky 30 day free trials."
This is very misleading to say the least. Not paying for a service doesn't cancel a service. If they tried to bill your card and the card was rejected that doesn't mean the service is cancelled.
That's well outside of what is commonly understood by "one of those pesky free trials". That's some other contract that someone would have to have agreed to.
It would be very hard to convince a judge that you honestly believed, based on reading that slogan, that Privacy.com would somehow release you automatically from any terms of any contract you might sign that happens to involve a trial period.
>It would be very hard to convince a judge that you honestly believed, based on reading that slogan, that Privacy.com would somehow release you automatically from any terms of any contract you might sign that happens to involve a trial period.
??????
Where on earth did I say that? Where on earth did I say it would be a defense in court?
It's very misleading advertising. So misleading I think its irresponsible.
They may be able to still bill you and you may be legally obligated to pay, you are just taking away their way of automatically collecting the bill. You may still actually owe the bill; just because you didn't pay a bill doesn't mean you don't owe the money.
All this depends on the company, what you signed up for, if it was a contract, the TOS, etc, etc, etc.
For a real silly example to illustrate - lets say I signed up for Comcast and gave them a single use credit card number for automatic bill pay. When the second month comes around they attempt to charge my credit card and the card is declined. That doesn't mean I suddenly don't have to pay my Comcast bill, it just means they can't collect it automatically. Comcast will take a few months to cut off service[1] so you'll end up owing them several hundred dollars. Eventually if you don't pay they could send you to collections. Collections can take you to court and then when they win they can garish your wages, etc, etc.
Yes, I know this is a silly example and its unlikely to happen with the majority of "free trial" services on the net but that doesn't mean its responsible to basically advertise "yeah, just give any company a temporary number for a free trial and forget about it." Especially since a lot of services with a free trial are with companies that have a lot of resources.
A less silly example would be if I signed up for a gym with a two year agreement and a year later I canceled my credit card and stopped going to the gym. In that case the odds of me being billed further and sent to collections is very very high.
[1] they do that around here, I know someone who only pays their Comcast bill every 4 months or so...
This is one of those things I have wanted to make so many times and I assumed it would either be technically impossible (card numbers not actually a huge number space) or it would just get marked as fraud.
Obligatory "no we can't have nice things". Something like this was available to all Discover card users 5 years ago, but a bit hidden on their website, and was discontinued.
I think most people prefer to do what's most convenient (have one credit card/number) and patch up any abuse/fraud after-the-fact.
For big banks, it has been technically possible for a while (since 2002 in France[1]) you can create a single usage card. The issue is the cost of that service, and it's probably only working on Windows PCs.
There is a few of these services and they all look awesome. The issue has always been for me that I value my points/miles more than I value the convenience of not worrying about my credit card # being stolen. If I could do this with my SPG card, I would be all over it.
366 comments
[ 3.3 ms ] story [ 276 ms ] threadThough I am more likely to give my personal details to citibank than some startup. Trust is a big issue with payment startups.
> STEP THREE After the card is charged, we withdraw the money from your chosen funding account, similar to a debit card.
Not sure I get this. Do you have to fund an account on Privacy.com? So it's like a Paypal where you generate a new payer name every time you pay for some other service with it?
> Sensitive information is encrypted using a split-key encryption with partial keys held by separate employees, meaning no one can decrypt your data; not even us.
Umm. Pretty sure that giving your employees the ability to decrypt my data means that "you" can decrypt it.
Touche, thanks for bringing that up. Updating the language.
It is mainly designed to prevent employees from selling off sensitive data, but I think in practice with the right audit controls it's pretty effective.
I guess if there was a system in place where the two employees didn't know who the other employee was then it would mitigate risk.
Makes me wonder what sort of auditing system could be used that guarantees total transparency around when the keys are requested by both parties, by whom and for what reason without disclosing the employees? More interestingly I'd be really interested in a system that ensured that nobody knew who the two employees were but the keys could still retrieved.
Then on top of this it would awesome to have a way of revoking keys.
Probably impossible, but that would be the ultimate in security!
We've been neck-deep in payments stuff on the card issuing side (getting a BIN sponsor, ACH origination, etc), so happy to answer any questions on that front as well.
P.S. For new users, your first $5 donation to watsi.org is on us :)
What do you do when you get subpoenaed? Do you link all the accounts to the real identity? Lavabit-style exit?
I'm pretty sure that KYC trumps privacy, in this case :(
Lavabit wasn't doing financial transactions. Openly, anyway.
Do you have any plans to add batching+noise to foil global passive adversaries? For example, I opt to keep a running balance target of ~$50 and today's charge for $34.56 is debited as $31.37 a week later.
I generate Citi's virtual credit card numbers every month for numerous online shopping payments and I haven't run into issues.
It seems that it's not possible to determine if a card is a virtual number by parsing the digits.[1] Do you have other information stating that merchants know how to reject virtual cc numbers?
[1]"As there is no way for a merchant to identify a card as virtual up-front," https://support.cybersource.com/cybskb/index?page=content&id...
That's fascinating. Perhaps PayPal killed it for multiple reasons because the (possibly biased) answer from a PayPal said not enough people were using it: "The one-time card numbers -- technically they were MasterCard virtual debit card numbers -- were discontinued as a public user-facing feature because they were not generating sufficient transaction volume and revenue to warrant further development."
[1]https://www.quora.com/Why-did-PayPal-discontinue-their-one-t...
If a lot of merchants were flagging and rejecting transactions from Paypal's virtual CC BIN numbers, that would prevent people from using it very often, leading to "not generating sufficient tx volume", right?
I’m working on an idea that will need to pay hundreds of vendors for the services they perform for our customers. We want to pay the vendors electronically where possible so having unique card numbers for each vendor would be a great thing.
After looking at Privacy.com I want to take it a step further by generating a unique card number for each of our customers. We’d need higher spending limits and the ability to manage the cards via API. Other than that, what you’ve built sounds like a perfect fit for our use case.
Tell me about AVS please.
Existing virtual card services have me covered on the virtual card front - both cost and (limited) privacy. I want something that gets me past the virtual card + AVS issue. All the virtual card providers seem to suck on this front...
I work at a small ecommerce company and we'd be effed without our AVS service to help with CC fraud.
>Do you want your address actually verified or a feature that makes AVS useless?
Either is fine with me. I just want a virtual card (to protect my bank acc) that I can use in as many places as possible.
Currently I've got a virtual card that only works like half the time...That's pretty underwhelming by any criteria.
Either is fine with me. I just want a virtual card (to protect my bank acc) that I can use in as many places as possible.
Currently I've got a virtual card that only works like half the time...That's pretty underwhelming by any criteria.
irl, Card acquirers do verify transactions without AVS, but they charge higher provided the merchant can demonstrate pre-transaction fraud mitigation
>AVS dropped fraud rates on card-not-present transactions dramatically, and it'd skyrocket without it.
AVS was less than moderately effective 6-7 years back, but it's less effective now, almost not at all. Most "researchers" have the card dumps with the addresses already so AVS does nothing to decrease the attack surface. Pre-transaction approval risk mitigation and post transaction fraud review is the only thing that works.
Say there are 3E9 people on Earth, each with 3 cards. That's around 10 digits right there. There's 1 digit for checksum. I imagine you'd want to leave space for least 1000 financial institutions around the world, so that's another 4 digits. Which means you can only have 100 transactions per person.
None of this takes into account the fact that the same people are issued way more than 3 card numbers either.
So my question is, how are we not close to running out of card numbers? How is this not even a problem yet?
If you're curious about the number scheme, check out https://en.wikipedia.org/wiki/ISO/IEC_7812
Using the number scheme, this person calculated^1 that (assuming Amex starts issuing 16 digit cards) there would be 3*10^14 + 10^11 or 4.001e+14 possible combinations.
[1]: https://www.reddit.com/r/theydidthemath/comments/3wj8eb/requ...
You vastly overestimate the number of people with credit cards.
The money is transferred from your account before the card is issued / transaction go through so it's pretty much a charge card.
They are punishing themselves! Why!?
No matter. I shall browse on, without Javascript, safe in the certitude that I am only missing the content of people too foolish, ignorant, or uncaring to use HTML and CSS properly.
(sighs)
And, to "modern web requires Javascript" critics, modern life expects credit, web surveillance, Facebook, etc. That doesn't mean you have to support or force it on others. Let's look at it really quick to see if a HTML4 w/ CSS site could've handle it. Yep, we did more interesting stuff back in the "DHTML" days (eg dynamicdrive.com). So, it's a privacy site pushing risky, higher-overhead crap on us just for fun. Hypocrites.
Alright, now let's look at the security. I should eliminate stealing a specific card or using malware on the machine to forge transactions. These are main attack vectors. Might mitigate the first. Looks like it will be vulnerable to the second. Admittedly, most methods are vulnerable to the second and those that aren't stay niche due to "inconvenience." So, still could be value in mass market where people get compromised anyway but want to knock out a common attack. The third risk is an unknown with some of the claims looking good on paper but to abstract to evaluate.
Note: The split-keys between employees part on the security page is funny. It's a banking control for sure. I'll just let your imaginations work out how little protection it brings from hackers, management, or the government. ;)
It's a long story, but there's probably a good blog post in this.
Another: https://dl.dropboxusercontent.com/u/1237941/Screen%20Shot%20...
The expiration date and CVV aren't fully visible - and for some reason clicking the "Open" button does nothing, so I can't close it.
* Can I use your card to pay for FreedomPop?
* Can I pay for your card using prepaid credit?
It isn't there, and disclosing it is mandatory under the Google Analytics T&C's (Section 7 here, it's crystal clear with the language "You must..." https://www.google.com/analytics/terms/us.html )
Can you please add it to your privacy policy? It's one of the first things privacy-conscious users look for when evaluating a website or service.
Anyway, thanks for bringing it up. We've pushed the updated terms.
Though Privacy's approach of being extension-first and launching first is probably the right one.
Section: 5.9.8.2
"Provide an online cancellation procedure if the Cardholder's request for goods or services was initially accepted online"
Looks like they used to have an online form a several years ago, but it went missing. Various blog/forum posts indicate that most people have had no luck getting any sort of response from Visa via mail.
Maybe different for other banks, but this was the requirement for Chase.
Is privacy.com actually asking for bank logins, or just your bank account number/routing? In either case, it is nothing new or uniquely scary about this service. If you're not comfortable with this, then there really aren't any third-party online banking apps you are going to be comfortable with anyway.
While that's common in Germany, in Poland giving your login & passto 3rd party means that bank has no responsibility for any loss/fraud/anything if something goes wrong for whatever reason. This is breaching the term with the bank, that your login and password are confidential.
In Poland a oauth like alternative for payments is used, where you end up on your bank website to confirm payment and then you go back to the merchant.
> You agree to: 1) keep your password secure and strictly confidential, providing it only to authorized signers on your account(s); 2) instruct each person to whom you give your password that he or she is not to disclose it to any unauthorized person; and 3) immediately notify us and select a new password if you believe your password may have become known to an unauthorized person. We may suspend or cancel your password even without receiving such notice from you, if we suspect your password is being used in an unauthorized or fraudulent manner
You would freely give out the private key of your credit card (credit card number/expiry date/cvv) to any online merchant, but hesitate on authing your bank account user/pass which you can change anytime you want?
smh.
Looking forward to seeing how it looks.
Will it affect my rewards? Will businesses still show up unaffected with the same categories on my credit card statement? (I have a travel rewards only card, so breaking the rewards flow is a deal-breaker for using a higher level service.)
Edit: I misunderstood the service as being able to be layered on top of normal credit cards. It looks like the funding source is only bank accounts for now. Still my question remains if building on credit or debit cards is on the roadmap.
Edit 2: They are one-time use numbers, right? "Use at merchants" (plural) seems to possibly imply otherwise.
> What happens when I generate a new Privacy card?
> We'll give you a random 16-digit Visa card number that you can use at merchants that accept Visa debit cards...
Edit 3: It sounds like the business model results in keeping the money that would go to rewards on a normal card.
> How do you make money?
> Every time you spend using a Privacy card, the merchant or website pays a fee (called interchange) to Visa and the issuing bank. This fee is shared with us. We have some premium features planned, but rest assured, our core virtual card product will always be free and we will never sell your personal data.
The numbers can be one-time use (burners) or re-usable at the same merchant.
That's what those "free" rewards really are...getting more detailed information on your spending patterns and profile so they can resell that info to interested parties.
http://www.theguardian.com/money/2013/jun/08/supermarkets-ge...
>If you have a loyalty card or shop online, the supermarkets will build up a demographic profile of you, and collect data about how loyal you are, what you buy and how much you spend, says Guy Montague-Jones of The Grocer.
This is how retail in America works now: collect data, adjust to fit.
Of course it's a simple rebate as well, but I didn't think I needed to point out something that obvious.
A credit card company could collect spending information and resell it for all cardholders, not just those holding cards having good rewards.
Perhaps this is naive and instead more valuable customers (based on spending more money annually or having a higher credit score to qualify for the card in the first place) have their information sold more, but privacy and reward programs seem like orthogonal aspects of the business to me.
Edit: I wonder what your burden would be in bankruptcy cases.
It's anti-privacy in the guise of being anti-fraud.
Yes, we do have to comply with subpoenas.
Still, users arguably need to trust you more than they trust traditional credit card companies. But it's about the same as PayPal, I guess. They often do have access to users' bank accounts.
So anyway, I get the point. It's a useful service.
Really though, isn't something like the apple pay system a better way? You don't risk getting flagged as a prepaid card and reject, you aren't giving out your data.
I always giggle when I see that.
"Our Security Auditor Is An Idiot. How Do I Give Him The Information He Wants?" http://serverfault.com/questions/293217/our-security-auditor...
Hey, us too!
http://www.rsync.net/resources/regulatory/pci.html
Cheers!
"We're only available in the United States at the moment."
This is very misleading to say the least. Not paying for a service doesn't cancel a service. If they tried to bill your card and the card was rejected that doesn't mean the service is cancelled.
It would be very hard to convince a judge that you honestly believed, based on reading that slogan, that Privacy.com would somehow release you automatically from any terms of any contract you might sign that happens to involve a trial period.
??????
Where on earth did I say that? Where on earth did I say it would be a defense in court?
It's very misleading advertising. So misleading I think its irresponsible.
All this depends on the company, what you signed up for, if it was a contract, the TOS, etc, etc, etc.
For a real silly example to illustrate - lets say I signed up for Comcast and gave them a single use credit card number for automatic bill pay. When the second month comes around they attempt to charge my credit card and the card is declined. That doesn't mean I suddenly don't have to pay my Comcast bill, it just means they can't collect it automatically. Comcast will take a few months to cut off service[1] so you'll end up owing them several hundred dollars. Eventually if you don't pay they could send you to collections. Collections can take you to court and then when they win they can garish your wages, etc, etc.
Yes, I know this is a silly example and its unlikely to happen with the majority of "free trial" services on the net but that doesn't mean its responsible to basically advertise "yeah, just give any company a temporary number for a free trial and forget about it." Especially since a lot of services with a free trial are with companies that have a lot of resources.
A less silly example would be if I signed up for a gym with a two year agreement and a year later I canceled my credit card and stopped going to the gym. In that case the odds of me being billed further and sent to collections is very very high.
[1] they do that around here, I know someone who only pays their Comcast bill every 4 months or so...
Excited to see someone giving it a try.
I think most people prefer to do what's most convenient (have one credit card/number) and patch up any abuse/fraud after-the-fact.
These services aren't usually very popular.
[1] https://translate.google.com/translate?sl=fr&tl=en&js=y&prev...