Are Online Payments Safer with One-Time-Use Debit Card Numbers?

In late 2010 Google came up with a brilliant way to authenticate into its accounts across the web that adds an extra layer of security to your login. The idea behind Google Authenticator wasn’t novel, but it popularized the idea of one-time passwords (OTPs). Having a discardable authentication method that can only be used once makes it nearly impossible for any one account to be hacked, even if the hackers knew the password. A startup called Privacy has created a solution that uses a similar concept for debit cards, generating a “proxy” credit card number each time you need to make a payment online.

otpdebit-keyboard

The way a “throwaway card” works is very simple: You input your card number into an application that guarantees its safety, and the application spits out another number. This way you can make a payment using your debit card without revealing its real number to the company on the receiving end of the transaction. In theory by masking your number, you have more control over your financial data. This also makes it easy to cancel a number without having to go through the hassle of getting a new card from your issuer.

otpdebit-onlineshopping

Sniffing out credit card numbers online has become a very lucrative way to score some cash. Breaches like the one that Target suffered in 2013 have left millions of consumers exposed to this kind of fraud. Using a throwaway number, however, minimizes the risk of having your card information swiped from you. Using Privacy as an example, you can establish each throwaway number to be used for one particular service (one virtual card for Netflix, another for Spotify, etc.). This way when hackers manage to steal that particular number, it will be useless except for that single service. Fraudsters are interested in using one card through several different avenues, so having such a restriction in place would take your number out of consideration for them.

Technically, you could also make a virtual card for one single transaction, making the number stored in the database useless for any further purchases. This makes you literally impervious to any fraud attempt.

If hackers have no way of seeing your actual debit card number, there is no reason to believe that they’ll be able to inflict any financial harm. The only instance in which I think you’d be taking a risk is if someone has installed a keylogger on your computer before you input your real number into the application. To prevent such a thing from happening, you should ensure that your security software is up to date and avoid downloading software from dubious sources. If you want to protect yourself even further, make sure that you do not type up your debit card information and send it through a public Wi-Fi network. Online purchases should be made from home whenever possible.

Are there any other pieces of advice you have for people who shop online? Let us know in a comment!

Leave a Reply

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.