Buying things over the internet with credit cards can be risky. Banks are getting hacked left and right, and although there are services like PayPal, which act as an intermediary between your bank account and the retailer, it’s still good to be as cautious as you can. A new service called Privacy aims to take a bite out of the PayPal pie.
Temporary Credit Cards with Privacy.com
Privacy is a relatively new financial tech company, and their goal is to replace your credit and debit cards with new digital ones. Created by a small, three-person team (with a chairperson), the company provides you with a new card number for each online transaction you make. Privacy protects customers from card fraud, data breaches, and identity theft.
The digital cards that Privacy generates are Visa cards and are accepted everywhere that regular Visa cards are accepted. These virtual cards work in the same way that gift cards work. You can make sure that each card can only be used for an individual merchant, such as Amazon.
Further customization gives you options to set a transaction limit for each card, or a monthly spending limit. For websites that are less reputable (hi PornHub), you can even create a burner card that can only be used once.
Since Privacy.com connects directly to your bank account, the experience is pretty seamless.
Currently Supported Banks
The company says that the list of banks they support is always growing, but as of 6/27/2016 here are the ones they do support:
- Bank of America
- Capital One 360
- Charles Schwab
- Navy Federal Credit Union
- PNC Bank
- TD Bank
- US Bank
- Wells Fargo
If your bank isn’t on the list, you can email them at firstname.lastname@example.org, and request a bank for them to add.
Encryption and Security
Privacy has made sure to use proper encryption standards to protect your financial information – and in my opinion, they have a well thought out approach to user security.
Privacy is PCI-DSS compliant, which stands for Payment Card Industry Data Security Standard. PCI-DSS is an information security standard used by companies that deal with credit cards, which includes all of the major credit card companies.
All passwords created by customers are PBKDF2 hashed with 100,000 different iterations. The hashes are salted to make attacks that use rainbow tables harder to carry out. Customer information of a particularly sensitive nature is encrypted with split-key encryption. No single employee has access to the complete key.
All of Privacy’s web traffic is sent using Transport Layer Security HSTS for maximum security. Information sent to data centers are kept secure with IPSec AES-256 encryption.
Generating Temporary Credit Cards
Currently, Privacy has an iOS app, and the Privacy browser extension is available for Google Chrome and FireFox, with support for Safari and Internet Explorer in the future. Since the company is so new, people need to request an invite to start using the service, but I was able to receive one quickly. An Android user in our office was disappointed when he found out that there was no Android app available. Hopefully, this will change soon.
Privacy is free to use, and they make money by getting a share of the interchange fee that a merchant pays to Visa and your bank. According to their FAQ section on the website, they are planning to introduce premium features in the future, but the core business of issuing virtual cards will always remain free.