Slashdot Mirror
Ask Slashdot: How Safe, Really, Is Paying For Things Online?
An anonymous reader writes:
Due to the rash of intrusions into electronic payment systems lately, I've decided to go back to paying cash for everyday purchases, groceries, fuel, and anything else I pay for in person (which also has the positive effect of making balacing my checkbook every month that much easier). The question I have is: For the monthly bills it's just not practical to pay in person (utilities, for instance), how safe are those?
Five minutes of research is telling me that mailing paper checks isn't any more secure than online electronic payments and in fact may be even less secure, but short of literally showing up at the electric company, phone company, ISP, and so on, and paying them cash in person, I can't see any other way to pay them. So how safe is it right now, honestly?
I'm always interested in how Slashdot readers secure their own personal finances -- but how high is the danger that a remote malefactor will hijack and then drain your bank account? Leave your best answers in the comments. How safe, really, is paying for things online?
Five minutes of research is telling me that mailing paper checks isn't any more secure than online electronic payments and in fact may be even less secure, but short of literally showing up at the electric company, phone company, ISP, and so on, and paying them cash in person, I can't see any other way to pay them. So how safe is it right now, honestly?
I'm always interested in how Slashdot readers secure their own personal finances -- but how high is the danger that a remote malefactor will hijack and then drain your bank account? Leave your best answers in the comments. How safe, really, is paying for things online?
"Is It Safe?" https://en.wikipedia.org/wiki/...
Seriously why would you use your main checking and savings account for online purchases?
Thanks to APKs host file generator, I'm invincible to hacking. Thanks again, APK. You da best!
One-shot accounts work for me. I go to a site, hit the Applepay button, my phone asks for my thumbprint, and i'm good to go.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Not all that safe. But my credit card gives me a window to dispute charges, and a level of indirection I'm comfortable with.
Automatic currency conversion to other currency (Euro, Ausi$, etc.)
Aside from the fees, best option.
And if someone hacks them we are all so screwed anyway, even cash would not be safe.
Well, how safe is it to be walking around with a pocket full of cash? What if you get robbed? What if you drop your wallet? What if you go to the bank machine and it dispenses too few bills, but thinks it dispensed them all? What if you go to a teller to withdraw cash and watch them count it, but the bank gets robbed?
At least with credit card payments, there's a known and tested dispute process in place.
Vintage computer games and RPG books available. Email me if you're interested.
everything has a risk. Personally, I use online billpay from my bank to send the utilities a check. My bank doesn't just cut a check using my account information, they transfer the money out, cut a check on their own account number, and then send it. Some smaller banks and credit unions will just print a check using your account information, so, send yourself a bill pay for a buck and see if it's your information on the bottom.
Most major utilities use bank lockboxes or if they are large enough... their own. Mail fraud in those instances is very, very low because typically the mail goes out in large automated trays to those addresses vs the one or two letters that you and I are used to getting.
But you ask... sometimes it's an ACH payment using the Billpay... well.. you're right, sometimes it is. However, life is all about risk. Personally, I find it riskier to carry cash on me and drive to 10 different places to pay bills than it is to just go online, have the bank cut a couple checks, and ride it out. I also do not use the bank debit card for anything other than ATM transactions and a few places that will accept debit, but not credit. Sure, let some kiddie get my credit card number and go to town... it takes a phone call and a "um, not me" and I've got a new card on the way with no liability.
I keep a second checking account with debit card. I keep $20 in it normally, but will transfer funds to it from my main account as needed to pay online transactions/bills.
No counterparty risk with Bitcoin!
It's as safe as it has ever been. With TLS encryption, you can be very sure that your CC# will not be intercepted. Then you have to judge if you trust the recipient of that info to keep it protected from hacks.
Wait a couple more decades when quantum computers will allow encryption to be broken in weeks. Then it will not be as safe.
I keep a second checking account with debit card. I keep $20 in it normally
How much does the bank withdraw to cover the monthly fee for having a second checking account? If nothing, how did you qualify for free checking?
You only need to use electronic payments, such as a credit card, not necessarily online. Many thefts used compromised readers during a regular in person transaction, though newer cards make this less likely. Ultimately your retailer will typically store your payment information in a database, along with other personally identifying information. This is even more likely with over the phone purchases. Many companies store it in plain text while few properly hash/encrypt it.
At least around here, most of the utilities can be paid by bringing the bill into the bank. Nothwithstanding, those payments are electronically settled by the bank, so I'm not sure it's any different than posting a payment through a banks web portal.
!Equality through palindromes semordnilap hguorht ytilauqE!
That way, you at least don't have a transaction between your PC and their server every month.
First many banks pay to open accounts so open an account at a bank that is paying those rewards, Every month simply transfer enough to pay your bills to your new PAY OUT ACCOUNTS. For example you can have an account just to pay your electric bill. Leave the required residual in the account so it is not closed. This way if the account is hijacked all you can lose is the electric bill payment. i also use PayPal a lot. So imagine that you set up ten accounts at banks offering sign on bonuses. Mine pay anywhere from $50 to $500 to open an account. Assuming your are all $50. reward accounts you will still quickly and easily earn $500 for a few minutes work. Meanwhile your funds earn interest in your regular account and you never, ever, pay bills from that account so you earn more interest. On most accounts with rewards you are free to change at the $90 day mark. So you can do this many times a year. Also you can earn referral fees for steering others to open accounts so work with a friend and refer each other frequently. Currently some people can actually earn a living simply opening and closing bank accounts.
I have several checking accounts, and I got tired of paying the check printing companies for... printing my checks. So I bought check stock cheap and I print my own. Apparently, the world has gone from magnetic ink to OCR, so I am home free. If I can print my own checks, so can anyone else print anything they want. I could easily print checks from any other business once I have their account number.
What reduces check fraud is enforcement. Or so I think.
A dingo ate my sig...
You have a check book? You pay for checks? And you balance it? Like, on the little paper balance sheet that comes with the checks, with a pen? Why why why?
I pay for virtually everything with credit cards. Like, everything but food from the local taco truck and private purchases, like used cars or used furniture, etc. I certainly don't use a debit card tied to a bank account for online purchases.
The only thing I do online with my actual bank accounts is pay off my credit cards and my mortgage (they won't accept a credit card, but it's a bank, so I feel reasonably safe - and the account I pay it out of is used almost exclusively for that, and nearly always has a zero balance), and transfer money between banks.
If I want to know what's in my bank account, I check it online. I don't ever need to read statements, because I check all my accounts multiple times per month. And paper statements via snail mail? Please.
Now, I'd prefer to have a tokenizing credit account for online purchases with not-so-major vendors, where each payment uses a single-use or limited-use token, but I don't know if that exists in a convenient form. That's how mobile payments work, but that wouldn't currently work for online payments. I'm also not that worried about it, since credit cards do a nice job of protecting customers from fraud, and I've never had a CC number stolen.
And one last thing. If you pay with cash, you are subsidizing the rewards I get by paying with a credit card. Thanks :)
There is risk in everything. Understand the type and extent of those risks. For example, you could get hit by a car while trying to pay a bill in person and die or end up in the with hospital with thousands of $$ in bills. Paying by check or online looks pretty safe by comparison.
Furthermore, paying with a credit card limits your risk to $50 for fraudulent charges - just check your statement every month. If you're really paranoid, get a Bank of America MasterCard. They have a feature called ShopSafe whereby you can create multiple virtual credit cards (linked to your real CC) for use online. You simple specify the amount and duration and new CC and CVV/CVC numbers are generated. As a bonus, only the first vendor to use a virtual card can use that card. You can bump the limit and/or expiration date and "delete" the virtual card at any time.
It must have been something you assimilated. . . .
Go to 7-11 and get a money order to pay those bills.
Although somewhat snarky, the subject line sums up my opinion pretty succinctly: as an individual, does it really matter much?
If my credit card gets compromised, by law the most I'm liable for is $50 (and my bank's policy is that I have $0 liability for fraudulent charges). On the few occasions, when my card information has been misused, the transactions were reversed and a new card in my wallet within a day or two. All I had to do was fill out a form saying "I didn't make these charges.", sign it, and send it to the bank. A mild irritation, to be sure, but hardly a big deal. With chip cards now commonplace in the US, simple cloning of cards is less of an issue than it was.
Legally, I seem to recall that debit cards have somewhat less protection, but banks often extend their $0 liability policy to them as well, so long as you report it being lost or stolen within a reasonable time. Still, I dislike these since one is not merely disputing whether or not one owes money to the bank, but rather if one should get one's own money back.
As for bank transfers and the like, I'd like it if the US would add "push" transfers like European banks do, rather than the "payee pull" system it currently has. Still, my understanding is that one is still protected from unauthorized withdraws from one's bank account.
In short: I'm not terribly concerned about my financial information being abused by criminals, as the law and bank policies offer significant legal protections from fraudulent activity. Any such issues are a minor inconvenience. Of course, one should take reasonable precautions, but in general it's not a big deal. I'm a lot more concerned about criminals gaining access to difficult-to-change/cancel things like one's social security number, with which they could apply for new, unknown-to-you accounts in your name. That's much more of a hassle to resolve than simply having a credit card stolen or a bad guy making an unauthorized debit from one's account.
My answer may not apply to people outside of the US. The rules vary.
The better question, with regard to going all cash, is how liable are you in the event of compromise?
Are online payment systems "safe" in the sense that they are unlikely to be compromised? No, not really.
But if they are compromised, so what? If you use a major credit card, and your number gets compromised, it's really not that big of a deal. Most all of the liability is on the merchant and the card issuer, not you. The worst case scenario I've dealt with is the card being inactive for a few days. If you stick to using credit online, no debit or ACH, this can pretty much be the worst you have to deal with.
This is one reason bitcoin and other digital currencies have difficulty going mainstream. Sure my hardware bitcoin wallet might be 100x more secure than my credit card, but if it gets compromised, I'm screwed. If my credit card gets compromised, I'm merely inconvenienced.
Rather than going to cash, I recommend people try to:
1) Keep at least two major credit cards open at all times with two different banks. Use one regularly, the other is a backup.
2) Avoid using debit or ACH, especially online.
3) Use a system like Mint so that you can easily monitor activity on your cards. If you see any activity that isn't you, be proactive.
4) Use a service like PayPal whenever possible. A lot of my bills are paid via PayPal. If a card is compromised, expired, whatever, I only have to update one place. Plus it gives me yet another entity to share liability in the event of fraud.
If you do these things, you're liable for virtually nothing, and the security of your payments is less of a concern. Let the credit card companies deal with it.
New startup. Pre-fund each expense on your credit card before you spend, use one-time virtual cards on sketchy sites, and pin unique virtual cards to each online vendor so you can lock it down. Credit cards for the modern era.
tora
A teenager in London got a hold off my debit card number, ordered makeup and bling from a small company in Texas, used a San Francisco storage facility for the billing address, and her actual street address for shipping. The transactions didn't get far as the safeguards came into play with the credit union on my end and PayPal on the vendor's end. I even filed a complaint with London PD. The credit union issued a new debit card and that was that.
I use a chromebook and last pass for my online accounts. Never had a problem
Limit your financial and inconvenience exposure by
(1) Closing inactive (i.e., unused 6months) accounts
(2) Initiating a freeze on new credit applications or existing credit reporting
(3) Request a Personal Identification Number (PIN) from the IRS to prevent bad guys from filing a fraudulent tax return in your name
(4) Request your bank to limit the amount of money which can be withdrawn electronically from checking and savings accounts
(5) Don't use debit cards for electronic transactions
(6) Always challenge organizations which request your SSN when establishing an account
(7) Immediately validate/reconcile your financial statements/transaction reports
(8) Use challenge questions with responses that few, if anyone, would know the answer
(9) Take advantage of online businesses which give you the opportunity to receive a separate code on your smart phone, to complete a transaction
(10) Never respond to an initial online request to provide your identifiers or authenticators
and get a one time number to use for any specific transaction.
Master Card and Visa cash cards and gift cards. I buy them with cash at brick and mortar (Wallmart etc.) and use them online.
I wish I could pay my bills with digital currency. That will be the most secure.
You forgot to mention the countless stories of cops seizing cash under civil forfeiture...
:)
But if you do get robbed, which to be fair is rare, having cash is usually a good thing as it makes the robber go away. Trying to explain to a robber that you don't have any money is not necessarily the best way to de-escalate and resolve the conflict
What kind of a stupid fear mongerint topic is this? I mean, really? Somebody's aunt worries about this.
Avoid trump.edu
Come to think of it, avoid donaldjtrump.com as well. Total scam. Preys on the underemployed and under-educated
That's why I only trust https://www.clintonfoundation..... They only prey on greedy CEOs and corrupt officials from foreign nations, they don't go after the small people.
lucm, indeed.
if you use a Credit Card. Credit Cards are essentially loans. Swipe a card to buy a coffee and congrats, you just borrowed money. Our consumer protection laws say that you can't be held liable for more than a token sum ($50) if somebody uses a line of credit without your authorization. Hence all of the risk is on the card issuers. In practice they charge various fees (a lot of them to the businesses) to cover these losses. The cost ends up being built into everything you buy online (and a lot of things bought locally) but OTOH not having to handle cash has it's pluses for both sides.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Here in Australia, many utility bills, licenses and suchlike can be paid over the counter at any Post Office.
Tinfoil hat brigade.
The only thing I do online with my actual bank accounts is pay off my credit cards and my mortgage
How dare you! If everyone was doing like you, the credit card companies would make no money and we would still have to pay things with cash and debit cards, paying obscene transaction fees every time.
People who pay their credit card on time are the modern equivalent of the tragedy of the commons. Start carrying your weight today! Just pay the minimum and slowly build a mountain of debt. That's the American way.
lucm, indeed.
In the US IFF you use a CREDIT card you are only liable for about $50 and most banks wave that. Although banks are always trying to get you to have Debit card I don't and won't have one since it is an open hole to your bank accounts. Debit cards are good for banks, Credit cards are better for everybody else.
had a problem paying for items online. Just use good security and never use your own credit card.
I got my CC nicked three times. I have an alert set up to text me for anything purchased for $1 or more. The CC company is quick to remedy and get a new card in the mail.
I do not use my debit card at stores. That's asking for trouble. I do online bill pay from my bank. I never had an issue will that.
ApplePay FTW. One-shot accounts work for me.
Nothing against ApplePay, I occasionally use it. However many banks allow you to create temporary account numbers linked to your real number. In addition to letting you set the max amount chargeable and expiration date for this number the number may also lock to the first vendor to charge it. So if that vendor gets hacked a second entity will be denied if they attempt to use the temporary number.
buying online from a reputable merchant using a known-clean pc and https is no more safe or unsafe than buying from a reputable merchant in-person and paying with a card.
either one can be hacked.
some precautions you can take online:
use a CREDIT, not debit, card online. the cards may look the same, but the level of protections offered is night-and-day different. it can take a long time to get your money back from fraudulent purchases made with a debit card, and there is a chance you don't get it all back.
use a card from an issuer that can provide one-time-use 'virtual' numbers with a configurable limit.
do not shop online from the same pc you use for your torrents, hacking, gaming, or porn. perhaps get a cheap laptop for ONLY personal/financial tasks and never do them on your 'normal' pc; or consider using a linux live cd/usb whenever you're going to be banking or shopping, and always boot into it to do tasks involving sensitive data.
antivirus and antimalware is a must. keep your system and software up-to-date with security patches.
when using web searches, make sure you're going to the right site. crooks often use ads on search results pages to lure you to THEIR site instead of a legitimate one.
if you know where you're going, type the address into the address bar yourself, don't be a fucking moron and 'google' for amazon and click the first link you see.
never click a link in an email. never respond to spam. never sign up for 'newsletters'. use a separate email for free site registrations to keep that crap out of your 'real' email.
use an email provider that allows you to create multiple aliases. use one for each vendor. if you ever get mail to an address that isn't related to the site it's supposed to be from, you know they're selling your info or have been hacked.
use some god damn common sense. if you're prone to getting malware often. you're too fucking stupid to be using your pc for financial and shopping tasks. there's no shame in being too stupid to use a pc properly, most people can't.
but realize that any precautions you take are only fighting *half the battle*. you are TRUSTING the other end to be as diligent about security as you are supposed to be yourself. hint: most aren't even close.
captcha of the day: stupid
Just get an extra CC.. either from your bank or an alternate.. with a low total balance. In most cases you are at the maximum responsible for $50 US.
If you are truly paranoid.. you can get a pre-paid credit card at most any drugstore/grocery store/world+dog for the amount required for the transaction (with a fee of course). Keeping the card you use on the Internet separate from the one you use in person is always a safer bet. This is like the monetary version of a burner phone. One-time use then grind it into smithereens.
Peace out.
Don't give your bank account number to anyone to withdraw from directly, online or off. (That includes paypal)
Instead - use your BANK'S billpay service (almost all banks and CU's offer one), where you enter your bill account number on your bank's service, and then tetll your bank to send payment(s) in the amount you specify on the date you specify, and the biller (nor anyone that hacks their database) never has access to withdraw money from you.
For services that want a credit card and won't bill you, either
1. If you don't have good credit, buy prepaid reloadable visa or master cards, use a unique one for each biller. Reload them with JUST enough to cover the next month or two of charges.
2. If you have good credit, get a card from either BofA or Citibank - both offer a service where you can generate disposable numbers with a short expiration and chosen charge limit to use either for one-time payments or for recurring charges. You can always deactivate one of these to block future charges. BofA calls theirs "shopsafe", Citi calls it "Virtual Account Numbers"
NEVER give your hard credit card number to anyone online, nor to anyone for any sort of recurring billing. If its compromised, they have to cancel it, and you have to wait to get a new one in the mail.
If somewhere you want to buy from accepts paypal only (such as most eBay sellers), use paypal's "check out as guest with a CC" option and then use either of the two credit card options above (prepaid card, or virtual card)
Please don't reproduce.
Seriosuly, a troll could come up with better bait than this.
When was the last microsoft bashing article, really?
Mostly I just don't worry. If there's fraud I won't be liable for anything significant. That said, I also don't want the hassle of replacing cards because somebody's customer database was compromised. So whenever possible I use payment options that don't result in my card info being on file with yet another third party. PayPal, Apple Pay, buying via a marketplace like Amazon, etc. Each time I can pay with one of those methods, it's one less opportunity for my card info to leak out.
I've never had a problem with credit cards used for online payments. Sure, they'll get compromised, but half the times my cards were compromised it was through brick-and-mortar merchants whose point-of-sale systems were compromised so online use doesn't look to be any more risky that in-person use. Just make sure to check the charges daily (I use a finance program that automatically downloads new charges every morning, plus it gives an alert on the first charge by a new merchant which is convenient). Consumer protection laws in the US keep you from being liable for pretty much all unauthorized activity (at worst you're on the hook for the first $50).
Just don't trust debit cards online, except if they're tied to a bank account that's funded only as needed and doesn't have excess money in it to be absconded with.
1997 called and wants their question back.
Credit cards often supply a layer of buyer protection, against fraud, etc. Don't use debit cards, they can drain your bank account with that and it is gone. A credit card is a good defence. I have been contacted about fraud on my CC twice in several decades and never had to pay what was stolen.
Some credit card companies offer temporary "one time credit card numbers" that you can generate and use. You basically load them up with what you want to pay and use them once and then they are worthless.
I have two bank accounts (plus retirement funds). A big bank account and a small one. I only ever make online transfers from the small one. The most they will get is the small account.
I have used eBay as a buyer for many years and never had a problem that they couldn't fix for me. I would not want to sell on eBay though. You do need to know the limits of the services, like time limits to file a complaint, and don't let a crooked seller delay you past the deadlines. That is not quite so true for PayPal to non-eBay sites. eBay is better than PayPal alone because PayPal doesn't want to cover you as well as eBay. I bought some flash memory from a typical large web store and paid PayPal. It was not the brand or the speed that was advertised. Seller required insured return shipping with tracking number which cost more than the entire shipped original order. PayPal wanted me to do this!!!!!! After I explained that this was a racket SEVERAL TIMES, PayPal FINALLY said "we will refund you this once, but it is not our policy to do this". Don't trust that PayPal will bail you out of these crooked deals, but eBay will, every time.
It has been interesting to read these comments. I have been 10 years away from the US, living in a country where electronic banking and bill payments are much more advanced than in the US. I am now planning to return to the US to live, and this discussion reminds me how primitive US systems are and how much annoyance I will experience in having to re-adapt.
Here (NZ) cash is dwindling in usefulness. Bills like utilities cannot be paid by checque or by cash. One must pay by online banking or by credit/debit card. Online bank transfers directly into the accounts of clubs, charities, tradespeople, just about anybody is the common way to pay -- no checques are cut and nothing is mailed to complete the payment. Account numbers are commonly printed on invoices to facilitate payment.
If you have someone's account number, you can only transfer in, not transfer out. For recurring payments such as utilities it is very common to set up automatic debits with the company which gives them permission to debit your account for the monthly amount. I travel quite a bit, and pretty much have my life "automated". I can go whenever and for however long and not worry about bills, except to make sure there is enough money in the account. I cannot remember the last time I wrote a checque on my NZ account.
I just visited states for the first time in my life. I know Florida doesn't represent the whole country but when it came to paying, the culture is so much different than in Finland.
I try to make this comment short even though paying culture is so different.
First, we never send money in mail. It's not forbidden but it is strongly adviced against by post company. (Rogue postman can steal the letter)
Second, we don't use checks.
We pay mostly by credit/debit cards. If you have a relatively large sum of cash (lets say for example five grands to buy a car) it raises questions. Where did this money come from? Why didn't you pay with your bank account via bank transfer or card?
We have a system where it is virtually necessary to have a bank account in this country. You go to work, your salary is paid to your bank account. You need to lend a money from friend? They transfer money to your bank account and it shows in real time.
We have become heavily dependant from internet services today. You pay your bills from your bank account using online bank service. (Mostly only elderly people still go to bank with their electricity bill etc. and pay them there. But still not with cash but from their bank account)
If you need to prove your identity in the internet (mostly goverment services), banks act as a third party that guarantee that the person online is you. You use your online bank crecentials to identify and give permission for the bank to give your personal details to a service you are using.
We do have ATM's but cash is slowly disappearing. Over 99% of shops have payment terminals.
Paying online via your banks internet service is quite safe here. You can see where the money came to your bank account and where it has gone when you use it.
Only problem is paying outside of the country. If i would order something from american ebay and fall a victim of fraud (money gone, no item received) it is really hard to track down where did the money go and it's hard to get it back even with police.
I use my bank's bill pay system for everything except for two fossil payees to whom I have to mail checks, like we did in the 1900s. These are the ones I have trouble with, because an average of once a year the checks just never get there, even though one is a block away from me.
This is one area where the Europeans do it better: make everybody use their equivalent to the bank transfer system.
These days though maybe not by law, most banks have similar fraud protections for both debit and credit cards. The open hole to your bank account is called a check. With those numbers on the bottom of each check you write, which don't change from check to check, someone could withdraw whatever they like from your checking account.
Unless you live in some weird arse country that has no rights to dispute payments on a credit card then your CC is probably far safer than using cash. Seems the poster either lives in a very unsafe country or is ignorant of the reality.
While nothing is 100% safe online, paying online is much more dangerous for users that aren't smart with their computer before they ever go to buy something.
With that said, I'd avoid using checking account numbers for online purchases. It is riskier than credit or debit cards because all someone has to do is credit an ACH payment against your routing and account number and the money is withdrawn and gone. At best, you only lose a few hours of your life and deal with the following:
You have to contact your bank the moment you catch it (don't wait on it), close that account, and open a new account - probably with a longer number to memorize than the last one.
* You have to dispose of any paper checks and pay the bank $20+ to get a new box printed and sent to you.
* You have to change every auto payment you have set up. If you happen to close that account around the time an automated payment hits, that utility/company will not let you off the hook. That's usually another $20-$30 fee.
* You have to memorize a new checking account number if you want to continue to use it for anything online.
* Hopefully your bank will refund your lost money up to a point - in a business day or two.
If a fraudulent charge hits your credit card, however, it's the bank's problem once you catch it. They take any losses (usually a write-off). And credit card companies are usually pretty good about contacting you when something suspicious happens (because it's in their best interest).
If you must use a checking account number, I'd avoid saving it as the default payment method for future convenience.
Well, it's probably safer than handing your credit card to the 19 year old making $10 an hour at your local Applebees or running a tab at your local Pub.
I never carry cash anymore. I pay-tap everywhere. As to CC transactions, that's payment of last resort. All my bills are paid by direct debit. Not in my list? I get an SMS needed to add. Other transactions, via PayPal if available. Approved by, wait for it, SMS code. Last resort, CC details. They've been hijacked twice, each time reversed withing 18 hours. Get with the times.
Way back when I started using MBNA's ShopSafe system for online purchases. BankAmerica bought them and implemented their technology.
ShopSafe allows you to generate a temporary credit card number that is good from 2 - 12 months, with whatever dollar amount you wish (up to your credit line limit).
I have a BofA CC that I use exclusively for Internet purchases. The physical card itself is stored in my safe and has never had that account number used, other than the generated ShopSafe numbers.
I've never had a fraud problem using this system (going on something like 18 years). Each place I buy from gets a unique CC number, with a dollar amount rounded up $5-10 above what I think the total will be (and can be adjusted higher by me after the fact).
CitiBank has(had) a system that was like this as well. I haven't used it since I use my CitiBank card in person (and never online).
.
Easy fix, worked ever since:
Setup a separate account at the bank for online stuff, in my case, with a debit card. Don't keep any real amount of money in the account. Just before clicking the final "check out" or "place my order", log into the bank and transfer just the right amount into the online account.
That account normally only has a small amount of money in it - $20-$50, which is all that can be stolen. I had to tell the bank to turn off auto-overdraft "protection" on the account, which used to be something they didn't like, but now they understand why (my banker does this for himself as well). I can lose $50 and not die. When I got hacked, it was the payroll account for a business I owned - that could have been a real problem!
Why guess when you can know? Measure!
I have been using direct deposit for all my adult life, 20+ years, for all utilities' bills... Using eBanking on www for last 18 years to do this. Works well. No security risks, as the recipient doesn't charge my account, they just get the money in theirs...
Not "safe" at all. Your best bet is a low-limit credit card with a bank that has a friendly fraud policy (as in: not much paperwork, preferably just a phone call to report the fraud).
Personally, I maintain a $1000 limit card with such a bank. I pay it off weekly from a separate account to which I transfer funds to specifically to cover these transactions. Said bank provides email transaction alerts; I know in minutes of every transaction that occurs. This card gets frauded on a way-too-regular basis, due to using it regularly for every transaction I consider less than safe; online, gas stations, etc.
I may be one of the few but I started doing that when the check-printing software I used to use started sucking.
Either I couldn't find the original install media or that version didn't work on a newer version of Windows, I can't remember. I got their upgraded software but it absolutely sucked if it worked at all. Besides printing your own checks isn't really worth the hassle anyway. My printer has been out of ink for several years now.
I could pay most of my bills by phone and with a credit card but first the gas company started charging a ridiculous fee to pay with credit card. I actually started paying it every other month at the grocery store by Western Union. That made it cost only a bit more than the postage stamp that I used to use to mail it in.
That got to be too much of a hassle though and I relented and started paying with my checking account still over the phone though.
The phone might actually be only as secure as my phone is, which is to say not really secure at all. On the other hand until a few months ago one bill I couldn't pay by phone was using https frames in an http page* which they swore was totally secure. Only other option would be to mail it to them.
* - This is how it appeared to me - I'm not that knowledgeable in that area but I certainly didn't trust it.
That's quite an AT&T vs Verizon situation.
It's a shame some industries like this got a quite bad duopoly.
The fact that you are still asking this question amazes me. I'll skip over the checkbook comment and go straight into: you type your credit card number in at a random website? CRAZY!
Okay onto the serious talk, we live in a world of technology and a world of attacks. The idea is we should chose who we give our personal information to, and we should trust those people to keep it safe. In that regard, putting a credit card in on some random online site is archaic, what happens when that site gets hacked!
Many other countries have payment schemes that prevent the vendor ever being in contact with *your* financial information. Monthly utility bills? Well look to Australia and their BPay system, which is managed entirely from your online bank account with 2 numbers, a Biller number and a Reference number. When filling out the Biller number it is automatically looked up so when I enter it online it will straight away say you're paying your "Origin Energy Gas" bill or something like that. In many other countries they use a similar system with direct debit, an additional set of numbers that reference your account with the third party. That makes it trivial for utilities to manage their accounts.
Now online ... a crap example would be Paypal. The web of trust is then limited to Paypal and your bank as the details used to pay are not entered into the vendor website. Now what you may think of Paypal here is irrelevant to the process. But other countries use similar systems that prevent a vendor from ever having access to your details. E.g. Netherlands iDEAL system. You elect to pay via iDEAL and select the bank. You get redirected to your bank's website where you log in, select which account to pay from, and the bank then sends a confirmation to the vendor that you paid.
Giving vendors your financials is sooo 2005.
I hope you are ironic in your statement there... but you never know with the crazies out there..
Bank often offer insurance against credit card fraud. And it isn't too expensive, sometimes it is built in.
It should tell you it isn't too risky.
If the concern is paying bills without sending personal checks that have account information tied to them, look into money orders or cashier's checks. A cashier's check is tied to the bank's own funds, and is totally separate from your own account. Money orders are similar, provided at a variety of locations, and don't require you to have an account with the issuer and can be paid for in cash.
I never use my real credit card number for any online transactions. You don't have any control over your data once give it to the "system". Instead, I use Virtual Credit Cards "VCC". https://en.wikipedia.org/wiki/... These "VCC" have a user configured credit limit, and are good for only transaction. So even if these are stolen/leaked, it doesn't really impact you. My bank typically generates these with a validity of 2 months, so any reverse/cash-backs from the vendor can still use these "VCC" numbers.
Credit cards usually come with a zero liability clause as long as you pay attention to your statements and review every month... Pretty safe I'd say.
Euro-peon here (Ireland). I use a debit card linked to my current (checking) account for small purchases, and a credit card for online and larger purchases, which I can usually pay off every month unless it's very large. The debit card is touch-enabled, which has some security features built in. Touch purchases are limited to €30 and after three of those you'll be asked to insert the card and enter the PIN - so if the touch system is compromised there's a "stop" on that. As far as I can tell those touch purchases are authorised without checking your current balance, and might not hit your account until days later.
I have heard of "walk-by" attacks on touch cards here - e.g. one lady I know had €11 taken off her card that was apparently billed to a pay email service on an ISP in New Zealand. Small, one-off charges that the payee might not even notice if they are a heavy user of that card. There are things you can do to avoid that, such as not keeping the card on you in an obvious place such as handbag or back pocket. Or tin foil.
(this is not a
With those numbers on the bottom of each check you write ... someone could withdraw whatever they like from your checking account.
How?
What if PayPal, Apple Pay, and Amazon get hacked, like everyone else is lately? Now you're screwed. Letting more people store your payment methods is not more secure, it's less secure. You're trusting the wrong people.
Just use this: https://www.bankofamerica.com/...
How secure are you?
If you are a typical clueless user it's a coin toss.
For instance most don't even know if their firewall is on and don't update software and would have little clue they are infected till they crash.
If not it's just an acceptable risk.
Answer #1: Unsafe as hell. SItes are hacked all the time. Banks lose astounding amounts to computer fraud and never report them.
Answer #2: Pretty safe. What's protecting you is not fancy technology, but a legal framework that limits your liability in the event of fraud. This legal framework is essential; without it, the entire system would collapse.
I do not use my checking account or debit card for any purchase, just bill pay to the credit card. Getting your checking account drained by fraud can be disastrous. Credit card fraud is trivial
Yes, it's like choosing between soft drinks and diet soft drinks. It comes down to a personal preference: do you want obesity/diabetes, or cancer.
lucm, indeed.
getfinal.com lets you create 1 CC per vendor and lock it to them.
It appears to me that life and the political system themselves are doing a good job of being ironic lately. It's very convenient, we merely have to bring things up and they're hilarious by themselves.
For instance, to "fight sexism" there's groups, conferences, education programs and even hotel floors where only women are allowed. Or there's the "antifascists" who use violence and political pressure to silence people. White and Asian males are discriminated against in the workplace in order to fight against discrimination based on gender and race. Etc.
lucm, indeed.
Ever since I discovered modern cars can be hacked to kill their occupants I've been driving a Model-T around. Sure, I have to manually crank the engine which prevents me from driving in the winter, but my arms have more muscle definition (which also has the positive effect of making the task of masturbation that much easier.)
0 minutes of research tells me that my IIHS crash and safety ratings are not exactly as good as a modern Suzuki Sidekick, but short of a few gusts of wind I can't see any way to avoid death or dismemberment. I mean how safe can a modern car be? https://www.youtube.com/watch?v=fPF4fBGNK0U
I got bitcoin. Where are my cock eggs?
My personal solution is to have 3-6 prepaid cards in my possession, and keep reasonably small balances on them. Each card has a specific set of payment responsibilities, so to speak. One card pays utilities and so on, one pays for groceries, one is for incidentals, and one or more lie mostly dormant.
When a card is inevitably compromised, it's one of many, has limits to the damage, and I have an immediate drop in replacement available. I can then proceed with typical fraud recovery without there being any real urgency on my side, other than the desire to recover the funds. When asked for photo ID I never present my drivers license; I use either my work issued ID or if government issued ID is required, my passport card, which supplies much less excess information.
Paranoia and defense in depth. Also, sign up for LifeLock.
Not the old kind with AOHell but one linked to actual accounts. Banks used to offer them but they never caught on. I use privacy.com and they let you setup " merchant" cards for recurring payments and "burner" cards for one time purchases. I've seen denials on burner cards and then contacted the original vendor about it and helped them track down a data breach. Been using it for over a year now and I'm very happy with the offering.
Credit cards actually a lot safer than many other ways as long as you keep an eye on the transactions, both from the perspective of fraud as well as running up a ruinous balance.
The subject "good timing" is because I was the "victim" of fraud last night. I have a Capital One card and their digital wallet App on my iPhone. Some time just after 10 pm the phone buzzed with two notifications "your charge to X has been approved" and seconds later "A transaction with company Y has triggered a fraud alert. Did you make the charge?". I answered "NO" and my card was immediately locked down. A short phone call later and my new card is coming Fedex in two business days. So, "victim" was in quotes earlier because the only harm to me was inconvenience of having to make a phone call and wait for a new card.
On the other hand I do not use debit cards and avoid cash and checks if I can. The reason for avoiding debit cards has been given by others here. If the fraud last night had been to a debit card then it would have been MY money that was gone and not the banks. Getting my money back would then be subject to the whim of the bank. Avoiding checks is because they have all my bank account information printed on them! What a crazy security risk! Avoiding cash is just a matter of preference, I hate dealing with coins. Instead of writing checks I use my bank's Bill Pay service, which is free, and have them write and mail the check for me. I discovered that the checks that they send do not have my bank account info on them and are, presumably, immune from fraud that would impact me directly.
http://dilbert.com/strip/1996-...
I pay cash for any purchases done in person and have 2 pre-paid debit cards not linked to any other accounts. One card I use for online purchases, the other card I use for paying bills. I refill the cards each month with cash taken out of my bank account by physically going to the bank (not using an ATM). For me, this is a comfortable compromise between being stupid and being paranoid.
Fuck PayPal and their unregulated bullshit.
When a company can freeze your accounts on a whim with near zero recourse and no regulated oversight, I refuse to use them.
For anything. Ever.
If someone gets my CC# and charges stuff then my CC company absorbs the loss. By paying cash you're giving up 2% cash back. That's not a price I'm willing to pay. I'd love if it I could pay *everything* on my credit card. Mortgage, property tax, etc. Want those sweet, sweet rewards.
I think the first time I paid for something online was in 1995, and I'm sure since then that I've transacted hundreds if not over a thousand times online since then (never really thought about the raw number) with more or less a dozen or so different cards. I've had precisely no issues online, ever.
I do basic things that any not brain dead person would. I use a credit card (because credit card companies have your back in a way that no bank ever will) and I try to not deal with shady fuckers that I haven't researched. Also, check that bill every month, as soon as you get it, and deal with anything weird that day. Don't be like my semi-retarded aunt who waited six weeks to report an unauthorized set of purchases.
The good folks (well, the folks) at VISA also seem to be pretty fucking on the ball when it comes to catching unusual activity on my card. Thus far, that has usually been when I spend more than about $500 in multiple transactions in one day, be it online or in a physical store.
If you don't use a credit card, best of luck to you because you're probably gonna need it.
I live in a civilized country that the liability of fraudulent transactions are the onus of the bank and my funds are never directly affected. So no, I don't particularly care.
Some Banks will send you SMS notifications and/or e-mail every time a Credit/Debit is posted to one of your accounts, usually within seconds of the transaction being Authorized.
Paying your Credit Card from your Chequing Account will generate two alerts -- one for the Withdrawl and one for the Payment.
If your Bank does not do this, deal with a better Bank.
I realize that most American Banks will not do this, that is because they "support" (make money from) fraudulent transactions. Royal Bank of Canada (to name one) does provide the ability to send such notifications and has done so for many years. Perhaps y'all should move into the 20th century.
Make a fake check, Its really not that hard. Most businesses don't use a "check book" rather blank check stock that they just print all the info on. Not really that hard to get your hands on some of that. or Sign up at paypal or any number of other sites that can pull directly from checking using the info from the bottom of the check to drain your account.
Really checks are one of the most insecure payment methods these days. Since a check transaction is a pull from your account without your OK before hand, little authentication other than is there enough cash in the account for the check to clear and does the name/address on the front match what is on the account.
Those numbers at the bottom of the check are literally the routing number (A code to which bank the account is at) and then your actual account number.
Sure you can dispute the fraudulent transaction, but i'm sure there are more hoops to jump though than a card based dispute. Since you are dealing directly with the bank, where as a card transaction is going to usually be Visa or MasterCard and they probably barely bat an eye at it if it is under a certain amount, and then just write it off as a cost of business.
Apparently you value your time at a very low rate.
Get a good credit card with some customer service, become a good customer by paying in full every month and if there's ever a problem take it up with them.
To physically go places and pay cash is ridiculous in the year 2017.
It adds an additional cost and a bit of inconvenience, but if you regularly shop or visit the post office you can get one there. All the benefits of a check since you get a receipt but no danger posed to your bank account.
I've been online since 1992 and I have been banking online, shopping on eBay and Amazon, and using Paypal since 1997. My dad was managing his bank account and at least one of his credit cards online via Prodigy as far back as 1986. I thought he was completely insane to be so trusting, and I was probably 10 years old at that time.
... that the commies are putting fluoride in the water, too.
We must deny them our essence.
I can easily pay my monthly bills on line in less than five minutes. To fill out checks and mail them is a slow process that may occupy an hour or two of my time. So in addition to saving stamps and stationary I also save a lot of time every month. Losses from on line bill pay and purchases over the years has been next to none at all. i purchased one pair of shoes that were a bit tight and they were inexpensive. i did not send them back as the cost of shipping and the cost of the shoes were way too close to each other.
Sweden, Norway, & Denmark
You may find paying cash nearly impossible.
Tracy Johnson
Old fashioned text games hosted below:
http://empire.openmpe.com/
BT
Donuts cannot be expensive when someone else is paying for them.
Cash is great. With cash it's much easier to track exactly how much money you have and exactly how much money you can spend. Small business owners will often cut you a cash discount if you ask. There are never overdraft fees from cash transactions. I use cash for virtually all of my in-person transactions. I was nearly 100% electronic at one point, and I'm glad I stopped doing that. Regardless of your level of income, cash is what is convenient. Electronic is what is convenient for BANKS ONLY. Don't let their marketing fool you.
I would say the main advantage of plastic over paper (actually it's more of a fabric) is:
1) you build credit by using credit cards
2) you earn points / cash back when using credit cards
3) even if you card gets cloned, stolen, or hacked - it's insured by the credit card companies and you lose nothing
4) you can consolidate all your bills and track purchases in one place
5) as long as you pay off your card every month (which is the only way I would ever use one), it's 'free' money - no interest.
6) certain cards give you additional perks (discounted purchasing on travel, events, goods, clubs)
7) you don't need to worry about being mugged / pick-pocketed (although as a 6'3 240lb male living in Virginia, I'm not overly concerned).
8) you don't need to worry about counterfeits.
9) money is filthy!! Every bit as bad as picking up toilet paper off the ground in the bathroom (or worse).