I’m looking for some recommendations for digital debit/credit cards.

It feels like every other day there’s ‘the largest data breach in history’ and at this point, I really don’t trust any entity to safely and securely store PII.

That said, I like buying things on the internet, I’m not into crypto and would rather not include my real card information during checkout.

Any recs would be appreciated, thanks yall!

  • itsmect@monero.town
    7 minutes ago

    What is your threat model? If it’s losing money on your account, then Scrubbles already has posted an answer on security. I’d like to add that many modern credit/debit cards allow you to disable and reenable payment methods as you need it, you can use that to prevent your account getting drained.

    But to me this isn’t the entire answer, as it does little to protect your privacy in case of a data breach. I’ll break down additional things you can do, roughly from least to most effort:

    • Don’t reuse usernames unless you need to build a brand. If one account ever leaks personal information, it’s harder to associate it with the other stuff you do online.
    • Have at least 2 regular emails, one for services that need your personal info, and one for everything else. If needed you can compartmentalize more. Use temporary emails for signups wherever possible.
    • Often you don’t need to fill in real information into forms, make things up and put them as a note in your PW manager in case you need it later.
    • Protect your phone number at all costs. It’s a pain in the a** to change, and companies know it. Always assume you are being tracked if asked for your number. If it leaks, it becomes much easier to build a profile on you.
    • Shipping companies will often ask you for your number. How often have you been called because there were issues? If the answer is zero, they don’t need your real number either.
    • When using 2FA, use Aegis or a similar app. SMS 2FA is vulnerable to a few attacks and again leaks your number.
    • Get stuff shipped to a post box, if available to you locally. There are re-shipping services like a physical VPN if you need an extra layer.
    • Do not use PayPal for payment if you want to hide your post address. They automatically give it to the merchant without telling you. Not sure who else follows the same practice, but personally I would not trust Google/Apple/Samsung Pay either.
    • If you need best payment privacy, buy a gift card with cash. Should you ever get crypto and want to get rid of it, buying a gift card with it is a good method.
  • Scrubbles@poptalk.scrubbles.tech
    8 hours ago

    You’re right to be worried about this. I’ve worked in Fintech for a while, so I’ll break down my current views from worst to best.

    Worst - Using bank information, routing checking number. Avoid this at all costs. These numbers lead directly to your money, and can only be changed by opening a new account. Avoid giving these out.

    Debit cards. There’s a thin layer separating you from your money, but debit cards are still pretty much a direct line to your money. I don’t think I’ve used mine in years, it sits collecting dust, only used when I need money from an ATM, which I jiggle the slot for first.

    Credit cards. Now there’s a difference. You’re using their money instead of your money to pay for things, and so they will not just let someone drain your account. Fraud is taken more seriously. You must be responsible with them, but you have many more protections. Plus if it does leak, ask for a new one.

    Payment with credit cards goes swipe, chip, then tap from least safe to most protected. Tap is near impossible to intercept where swipe is pretty much cleartext. Always tap if you can.

    Then finally we get to tokenization, e.g. Google/Apple/Samsung Pay or PayPal. Another layer where your details aren’t even passed from your device to the register, just a one time token that says “here’s where you can get your money”. This is currently the most secure way to pay for anything.

    So I’m not directly answering your question because I would not trust an online digital credit card thing, but I’m trying to say that if you know what you’re doing, you can avoid a lot of risk. If you use tap to pay or better yet google pay, you’re as low of risk as you can get.

    For online forms, use Google Pay when you can, or things like Shop Pay (all tokenization providers, and I trust them more than I do random shop owner), and I have a credit card with really high protections for anything I really don’t trust.

    • WhosMansIsThis@lemmy.sdf.org (OP)
      3 hours ago

      Good looks! Thanks for the well thought out response. I don’t think I’ve ever used my direct banking info for anything. It always seemed like a terrible idea.

      Credit card seems to be the way to go. Although, there have been some fairly recent developments in NFC exploits and I’m not sure I trust tap payments any more than swipe or chip.

      I saw this a while ago. It’s a little technical but still accessible.

      If you’re not into videos, they were featured in Wired.

      • Scrubbles@poptalk.scrubbles.tech
        1 hour ago

        Even with NFC exploits tokenized is the way to go. Tokenized payments only send a unique token to the PoS. The PoS system (and probably not the register itself but rather their systems) then takes that single use token, combines it with their secrets that only they have, and passes it up to Google/Apple/whoever to actually initialize the transaction. Google Pay/Apple/Whoever then verify that they are the ones who issued the token, and that it is signed correctly with the secrets that are shared. So not only would someone have to snoop the NFC token that was transmitted, but also have hacked into the PoS system and retrieved the secrets, which is no small feat - and even then since the token is one time only they’ve only accessed that specific purchase. They still know nothing about you or your banking information. The token expires and can never be used again.

        Tokenized pay via Google/Apple/Samsung/Whoever pay is the most secure form of ad hoc payment at the moment. Tap is safer than swipe or chip, but since there’s no communication to get a one time token, it requires a slightly different approach. Tldr there, if you’re that worried about it, just add your card to your phone/watch.
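
A simplified model of the single-use token flow described in the comment above, added here as an example; it is not part of the original thread and is not any wallet provider's actual protocol. `TokenIssuer`, `sign_request`, the HMAC construction and the status strings are assumptions for illustration, and any card number passed in is a constructed test value.

```python
import hashlib
import hmac
import secrets
import time


def sign_request(key, token, amount_cents):
    """Merchant side: bind the token and amount to the merchant's shared secret."""
    msg = f"{token}|{amount_cents}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class TokenIssuer:
    """Toy stand-in for the wallet provider; only it can map a token to a card."""

    def __init__(self):
        self._vault = {}          # token -> card, expiry, used flag
        self._merchant_keys = {}  # merchant_id -> shared secret

    def enroll_merchant(self, merchant_id):
        key = secrets.token_bytes(32)
        self._merchant_keys[merchant_id] = key
        return key

    def issue_token(self, card_number, ttl=60, now=None):
        now = time.time() if now is None else now
        token = secrets.token_hex(16)  # random: reveals nothing about the card
        self._vault[token] = {"card": card_number, "expires": now + ttl, "used": False}
        return token

    def authorize(self, merchant_id, token, amount_cents, tag, now=None):
        now = time.time() if now is None else now
        key = self._merchant_keys.get(merchant_id)
        if key is None:
            return "unknown-merchant"
        # A sniffed token is useless without the merchant's secret.
        if not hmac.compare_digest(sign_request(key, token, amount_cents), tag):
            return "bad-signature"
        entry = self._vault.get(token)
        if entry is None:
            return "unknown-token"
        if entry["used"]:
            return "replayed"      # single use: a second presentation is refused
        if now > entry["expires"]:
            return "expired"
        entry["used"] = True
        return "approved"
```
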

  • loanrangerofpeanuts@lemmy.world
    8 hours ago

    I occasionally use privacy.com. They let you connect your checking/savings account and generate cards where you can set expenditure limits or make it a single use card. I’ve found it particularly useful for recurring payments.

    • WhosMansIsThis@lemmy.sdf.org (OP)
      3 hours ago

      Hey thanks! I’ve heard that they require you to submit a copy of your driver’s license in order to sign up… idk if I’m comfortable with that honestly but maybe I’ll give it a shot. I appreciate the recommendation!