Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Security Privacy The Almighty Buck

Ask Slashdot: How Safe, Really, Is Paying For Things Online? 396

An anonymous reader writes: Due to the rash of intrusions into electronic payment systems lately, I've decided to go back to paying cash for everyday purchases, groceries, fuel, and anything else I pay for in person (which also has the positive effect of making balacing my checkbook every month that much easier). The question I have is: For the monthly bills it's just not practical to pay in person (utilities, for instance), how safe are those?

Five minutes of research is telling me that mailing paper checks isn't any more secure than online electronic payments and in fact may be even less secure, but short of literally showing up at the electric company, phone company, ISP, and so on, and paying them cash in person, I can't see any other way to pay them. So how safe is it right now, honestly?

I'm always interested in how Slashdot readers secure their own personal finances -- but how high is the danger that a remote malefactor will hijack and then drain your bank account? Leave your best answers in the comments. How safe, really, is paying for things online?
This discussion has been archived. No new comments can be posted.

Ask Slashdot: How Safe, Really, Is Paying For Things Online?

Comments Filter:
  • old movie (Score:5, Funny)

    by turkeydance ( 1266624 ) on Saturday July 08, 2017 @09:37PM (#54771669)
    "Is It Safe?" https://en.wikipedia.org/wiki/... [wikipedia.org]
    • Re:old movie (Score:5, Informative)

      by MangoCats ( 2757129 ) on Saturday July 08, 2017 @10:12PM (#54771757)

      Been paying for stuff online since 1999, frequency of CC number changes is about the same pre and post... occasional bogus charge shows up, call the company, charge is reversed and we get new card numbers... no drama, minor hassle, way better than mailing checks.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        I don't know why anybody in the US even cares about credit card theft at all. Unless you're with a downright crappy bank, you aren't liable for even one cent worth of fraudulent charges. You get people who fret over buying those ultimately useless contactless credit card shields and trying to go back to checks (seriously?) for nothing.

        In the EU I could see avoiding it because they have no concept of zero fraud liability and the banks are allowed to stick it up your ass. But EU is so poor that restaurants ch

        • by Calydor ( 739835 )

          But EU is so poor that restaurants charge money for water

          At least they don't fill the water jug from the broken toilet out back.

          Seriously, how did you turn this discussion around to bashing the EU? Got an agenda going there?

        • Re: (Score:2, Interesting)

          by rtb61 ( 674572 )

          The law is fairly clear, the onus of credit card purchases is upon the person who accepts the card. It is their legal responsibility to ensure the person entitled to use the credit card is the person attempting to use the card. How this is done is pretty hairy fairy ie they pretend to check properly but it is nearly impossible to do, unless cards come with pictures and thumb prints and the those items are secured. Now as that security is pretty much hairy fairy make belief, the credit card companies came up

    • Paying for things online is perfectly safe. Any reversible transaction is safe for the payer.

      Receiving payments online is much less safe. Transactions without effective non-repudiation offer risk for the seller.

    • Just use a credit card, set a low limit on the volume of outstanding transactions, and check the if the expenses listed are legit before you pay up. If not then report it.

  • by jcr ( 53032 ) <jcr.mac@com> on Saturday July 08, 2017 @09:44PM (#54771685) Journal

    One-shot accounts work for me. I go to a site, hit the Applepay button, my phone asks for my thumbprint, and i'm good to go.

    -jcr

  • Not all that safe. But my credit card gives me a window to dispute charges, and a level of indirection I'm comfortable with.

    • It's as safe as it has ever been. With TLS encryption, you can be very sure that your CC# will not be intercepted. Then you have to judge if you trust the recipient of that info to keep it protected from hacks.

      Wait a couple more decades when quantum computers will allow encryption to be broken in weeks. Then it will not be as safe.
      • Re:How safe? (Score:4, Insightful)

        by MangoCats ( 2757129 ) on Saturday July 08, 2017 @10:14PM (#54771761)

        Your CC# has always been vulnerable at the endpoints, whether or not it gets trawled up with a million others in a hacking scheme is a much smaller risk.

      • by lucm ( 889690 )

        Wait a couple more decades when quantum computers will allow encryption to be broken in weeks.

        I'm sure by then the world will still rely on encryption that can be broken by quantum computers.

    • by murdocj ( 543661 )

      Not to mention my CC company seems to detect fraud attempts almost instantly.

    • by skids ( 119237 )

      Watch those change-in-term notices from your bank and CC provider. Recently mine reduced the standard of liability on debit card transactions. And online bill pay has less protection than the cards do... though supposedly they are limited as to how hard they can shaft you by Federal Reserve Regulation E. At least until the Fed gets seeded with cleptocrats.

      I actually sacrificed a bunch of interest income to deactivate online banking, as it cannot be deactivated while keeping electronic statements, and you

      • Sorry, but debit cards are for idiots. If you are going to use plastic, get a benefit from it, and also reduce your risk!!
  • ad absudium (Score:5, Insightful)

    by SuiteSisterMary ( 123932 ) <slebrun@nosPam.gmail.com> on Saturday July 08, 2017 @09:51PM (#54771703) Journal

    Well, how safe is it to be walking around with a pocket full of cash? What if you get robbed? What if you drop your wallet? What if you go to the bank machine and it dispenses too few bills, but thinks it dispensed them all? What if you go to a teller to withdraw cash and watch them count it, but the bank gets robbed?

    At least with credit card payments, there's a known and tested dispute process in place.

    • You forgot to mention the countless stories of cops seizing cash under civil forfeiture...

      But if you do get robbed, which to be fair is rare, having cash is usually a good thing as it makes the robber go away. Trying to explain to a robber that you don't have any money is not necessarily the best way to de-escalate and resolve the conflict :)
    • by Khyber ( 864651 )

      "Well, how safe is it to be walking around with a pocket full of cash?"

      Pretty safe if you don't do stupid shit like go walking in the ghetto dressed up like you're the next Donald Trump.

    • by swell ( 195815 )

      offtopic

      Unless you pay with cash for online purchases.
      Nobody expects you to read TFA, but maybe TFS, or at least the HEADLINE:

      "Ask Slashdot: How Safe, Really, Is Paying For Things Online?"

    • I use a credit card whenever I can but I always keep around ~$200 in my wallet. It won't break me if I lose it and it can cover small emergencies.

      I only have ONE credit card now since the bank where I have both checking and savings accounts cancelled my other one because I never used it. Or rather hardly ever used it.

      My remaining card information has been stolen a few times (never the physical card) and I've never been held liable for the fraudulent charges but I've sometimes only found out at the cash re

      • by tlhIngan ( 30335 )

        So now I just wonder how my card has been stolen so much. I sometimes use it online, but not very often. Could one of the stores where I used it be to blame?

        The answer is basically, yes.

        The online stores are almost always to blame - usually using bad security practices or improperly storing the data.

        Usually for the dodgier stores, I revert to using Paypal - once I started doing this, me number of times i had to change my card dropped from once a year to I haven't had to in the past 5. One year it was so bad

  • ... okay (Score:4, Insightful)

    by starblazer ( 49187 ) on Saturday July 08, 2017 @09:54PM (#54771707) Homepage
    everything has a risk. Personally, I use online billpay from my bank to send the utilities a check. My bank doesn't just cut a check using my account information, they transfer the money out, cut a check on their own account number, and then send it. Some smaller banks and credit unions will just print a check using your account information, so, send yourself a bill pay for a buck and see if it's your information on the bottom.

    Most major utilities use bank lockboxes or if they are large enough... their own. Mail fraud in those instances is very, very low because typically the mail goes out in large automated trays to those addresses vs the one or two letters that you and I are used to getting.

    But you ask... sometimes it's an ACH payment using the Billpay... well.. you're right, sometimes it is. However, life is all about risk. Personally, I find it riskier to carry cash on me and drive to 10 different places to pay bills than it is to just go online, have the bank cut a couple checks, and ride it out. I also do not use the bank debit card for anything other than ATM transactions and a few places that will accept debit, but not credit. Sure, let some kiddie get my credit card number and go to town... it takes a phone call and a "um, not me" and I've got a new card on the way with no liability.
    • That same, "um, not me," is all that's necessary with my bank's debit cards, as well. I suspect that it's because the card is also a Visa card. They called me three weeks ago with a suspicious transaction. I said, "um, not me," and that was it. The $817.43 charge was gone, the card number revoked.

      The worst part was that I had to wait about ten days for a new card/number.
      • by Nethead ( 1563 )

        Yep, same thing that happened to me a few weeks ago. I was lucky that I had just a month before got a debit card from my retirement program (very respected non-profit firm) that I had put a few hundred on just in case I lost my wallet. It was nice to have another card for the week it took to get the new main card. I suggest checking to see if your retirement firm has something like that available. One other plus for me is that the retirement card is interest bearing, not much, but enough to not have to

  • False assumption (Score:4, Informative)

    by burtosis ( 1124179 ) on Saturday July 08, 2017 @10:05PM (#54771737)
    You only need to use electronic payments, such as a credit card, not necessarily online. Many thefts used compromised readers during a regular in person transaction, though newer cards make this less likely. Ultimately your retailer will typically store your payment information in a database, along with other personally identifying information. This is even more likely with over the phone purchases. Many companies store it in plain text while few properly hash/encrypt it.
    • If you had read even the summary, you would have seen that the poster has gone back to using cash for in person purchases.
    • Many thefts used compromised readers during a regular in person transaction, though newer cards make this less likely.

      Much MUCH less likely. Modern chip/NFC cards with modern readers do not provide anything to the reader which could be used to perform a subsequent payment without the card being inserted again.

      • by dgatwood ( 11270 )

        No, not at all less likely. How many users know how many seconds it takes to perform a transaction? And what, precisely, prevents it from executing more than one simultaneously, on behalf of another card reader somewhere else?

      • by lucm ( 889690 )

        Many thefts used compromised readers during a regular in person transaction, though newer cards make this less likely.

        Much MUCH less likely. Modern chip/NFC cards with modern readers do not provide anything to the reader which could be used to perform a subsequent payment without the card being inserted again.

        Good. That's why I always sign away a big tip when I get the receipt back from the waiter/waitress at those fancy restaurants. Since I have my card back I know they'll never be able to charge the tip.

        • Good. That's why I always sign away a big tip when I get the receipt back from the waiter/waitress at those fancy restaurants. Since I have my card back I know they'll never be able to charge the tip.

          Sorry, but the card/reader interaction results in an approval of the charged amount. The tip is added later, when the day's batch of transactions are submitted for actual payment. I hope you didn't tip too much :p

    • by swillden ( 191260 ) <shawn-ds@willden.org> on Sunday July 09, 2017 @12:44AM (#54772125) Homepage Journal

      You only need to use electronic payments, such as a credit card, not necessarily online. Many thefts used compromised readers during a regular in person transaction, though newer cards make this less likely. Ultimately your retailer will typically store your payment information in a database, along with other personally identifying information. This is even more likely with over the phone purchases. Many companies store it in plain text while few properly hash/encrypt it.

      The above isn't actually all that true; PCI requirements demand encryption at rest (encryption, not hashing, there's no point in hashing a credit card number). But let's assume that it's true.

      Meh. I don't care.

      By federal law, my liability for any fraud is limited to $50. In practice, no credit card issuer I've ever met in the US (and I used to do security consulting for credit card issuers, so I've met a lot of them) charges cardholders a penny. If you claim that a transaction is fraudulent, and they can't prove it wasn't, you won't pay a penny. If they're pretty sure you're the fraudster, they'll just cancel your card, and refuse to do business with you any more.

      Credit card payment is the safest form of payment, online or in meatspace. Cash is the least safe form of payment.

      Note that I'm talking about safety, not privacy. That's a separate issue, and on the privacy axis cash is king and credit cards are awful (though personal checks are significantly worse, assuming you can find someone still willing to accept one).

      Note also that debit card transactions (when processed through the debit networks, not as credit cards) do not provide the same protections that credit cards do. Many banks do handle fraud similarly, but you need to get your bank's policy to know. With credit cards, the $50 liability limit is guaranteed by law.

  • by SirCowMan ( 1309199 ) on Saturday July 08, 2017 @10:07PM (#54771739)
    At least around here, most of the utilities can be paid by bringing the bill into the bank. Nothwithstanding, those payments are electronically settled by the bank, so I'm not sure it's any different than posting a payment through a banks web portal.
  • First many banks pay to open accounts so open an account at a bank that is paying those rewards, Every month simply transfer enough to pay your bills to your new PAY OUT ACCOUNTS. For example you can have an account just to pay your electric bill. Leave the required residual in the account so it is not closed. This way if the account is hijacked all you can lose is the electric bill payment. i also use PayPal a lot. So imagine that you set up ten accounts at banks offering sign on bonuses. Mine
  • No real answer. (Score:5, Informative)

    by glitch! ( 57276 ) on Saturday July 08, 2017 @10:15PM (#54771763)

    I have several checking accounts, and I got tired of paying the check printing companies for... printing my checks. So I bought check stock cheap and I print my own. Apparently, the world has gone from magnetic ink to OCR, so I am home free. If I can print my own checks, so can anyone else print anything they want. I could easily print checks from any other business once I have their account number.

    What reduces check fraud is enforcement. Or so I think.

  • by glenebob ( 414078 ) on Saturday July 08, 2017 @10:19PM (#54771771)

    You have a check book? You pay for checks? And you balance it? Like, on the little paper balance sheet that comes with the checks, with a pen? Why why why?

    I pay for virtually everything with credit cards. Like, everything but food from the local taco truck and private purchases, like used cars or used furniture, etc. I certainly don't use a debit card tied to a bank account for online purchases.

    The only thing I do online with my actual bank accounts is pay off my credit cards and my mortgage (they won't accept a credit card, but it's a bank, so I feel reasonably safe - and the account I pay it out of is used almost exclusively for that, and nearly always has a zero balance), and transfer money between banks.

    If I want to know what's in my bank account, I check it online. I don't ever need to read statements, because I check all my accounts multiple times per month. And paper statements via snail mail? Please.

    Now, I'd prefer to have a tokenizing credit account for online purchases with not-so-major vendors, where each payment uses a single-use or limited-use token, but I don't know if that exists in a convenient form. That's how mobile payments work, but that wouldn't currently work for online payments. I'm also not that worried about it, since credit cards do a nice job of protecting customers from fraud, and I've never had a CC number stolen.

    And one last thing. If you pay with cash, you are subsidizing the rewards I get by paying with a credit card. Thanks :)

    • by lucm ( 889690 ) on Saturday July 08, 2017 @11:07PM (#54771899)

      The only thing I do online with my actual bank accounts is pay off my credit cards and my mortgage

      How dare you! If everyone was doing like you, the credit card companies would make no money and we would still have to pay things with cash and debit cards, paying obscene transaction fees every time.

      People who pay their credit card on time are the modern equivalent of the tragedy of the commons. Start carrying your weight today! Just pay the minimum and slowly build a mountain of debt. That's the American way.

  • Chill (Score:4, Insightful)

    by fahrbot-bot ( 874524 ) on Saturday July 08, 2017 @10:21PM (#54771773)

    There is risk in everything. Understand the type and extent of those risks. For example, you could get hit by a car while trying to pay a bill in person and die or end up in the with hospital with thousands of $$ in bills. Paying by check or online looks pretty safe by comparison.

    Furthermore, paying with a credit card limits your risk to $50 for fraudulent charges - just check your statement every month. If you're really paranoid, get a Bank of America MasterCard. They have a feature called ShopSafe [bankofamerica.com] whereby you can create multiple virtual credit cards (linked to your real CC) for use online. You simple specify the amount and duration and new CC and CVV/CVC numbers are generated. As a bonus, only the first vendor to use a virtual card can use that card. You can bump the limit and/or expiration date and "delete" the virtual card at any time.

    • Bank of America MasterCard. They have a feature called ShopSafe [bankofamerica.com] whereby you can create multiple virtual credit cards (linked to your real CC) for use online. You simple specify the amount and duration and new CC and CVV/CVC numbers are generated. As a bonus, only the first vendor to use a virtual card can use that card. You can bump the limit and/or expiration date and "delete" the virtual card at any time.

      That's what I was describing above. Almost perfect, except, "Please note that ShopSafe requires you to have Adobe Flash installed on your computer. Download Adobe Flash" :(

    • by gspear ( 1166721 )
      Citibank has this, too -- they call it a Virtual Account Number. I use it with almost all online transactions. Amazon is a little tricky, though, because it uses multiple merchant names and the virtual card is tied to the merchant name. Since it's hard to predict which merchant will be used, I usually just generate a new number each time.
  • by sottitron ( 923868 ) on Saturday July 08, 2017 @10:22PM (#54771775)
    Go to 7-11 and get a money order to pay those bills.
  • by heypete ( 60671 ) <pete@heypete.com> on Saturday July 08, 2017 @10:23PM (#54771779) Homepage

    Although somewhat snarky, the subject line sums up my opinion pretty succinctly: as an individual, does it really matter much?

    If my credit card gets compromised, by law the most I'm liable for is $50 (and my bank's policy is that I have $0 liability for fraudulent charges). On the few occasions, when my card information has been misused, the transactions were reversed and a new card in my wallet within a day or two. All I had to do was fill out a form saying "I didn't make these charges.", sign it, and send it to the bank. A mild irritation, to be sure, but hardly a big deal. With chip cards now commonplace in the US, simple cloning of cards is less of an issue than it was.

    Legally, I seem to recall that debit cards have somewhat less protection, but banks often extend their $0 liability policy to them as well, so long as you report it being lost or stolen within a reasonable time. Still, I dislike these since one is not merely disputing whether or not one owes money to the bank, but rather if one should get one's own money back.

    As for bank transfers and the like, I'd like it if the US would add "push" transfers like European banks do, rather than the "payee pull" system it currently has. Still, my understanding is that one is still protected from unauthorized withdraws from one's bank account.

    In short: I'm not terribly concerned about my financial information being abused by criminals, as the law and bank policies offer significant legal protections from fraudulent activity. Any such issues are a minor inconvenience. Of course, one should take reasonable precautions, but in general it's not a big deal. I'm a lot more concerned about criminals gaining access to difficult-to-change/cancel things like one's social security number, with which they could apply for new, unknown-to-you accounts in your name. That's much more of a hassle to resolve than simply having a credit card stolen or a bad guy making an unauthorized debit from one's account.

    • Your bank makes you fill out and sign a form for that? Shit, I have cards with 4 different banks (5 if you count store cards through Synchrony, but I've never dealt with fraud on those cards) and all 4 of them call me if they think a transaction is fraudulent; I can press 1 to verify the transaction or 2 to speak with a representative about potential fraud. All 4 banks I deal with have this system, and it works well; I've encountered actual fraud on cards from each of those banks and it's always been a matt
  • by thecombatwombat ( 571826 ) on Saturday July 08, 2017 @10:24PM (#54771781)

    My answer may not apply to people outside of the US. The rules vary.

    The better question, with regard to going all cash, is how liable are you in the event of compromise?

    Are online payment systems "safe" in the sense that they are unlikely to be compromised? No, not really.

    But if they are compromised, so what? If you use a major credit card, and your number gets compromised, it's really not that big of a deal. Most all of the liability is on the merchant and the card issuer, not you. The worst case scenario I've dealt with is the card being inactive for a few days. If you stick to using credit online, no debit or ACH, this can pretty much be the worst you have to deal with.

    This is one reason bitcoin and other digital currencies have difficulty going mainstream. Sure my hardware bitcoin wallet might be 100x more secure than my credit card, but if it gets compromised, I'm screwed. If my credit card gets compromised, I'm merely inconvenienced.

    Rather than going to cash, I recommend people try to:

    1) Keep at least two major credit cards open at all times with two different banks. Use one regularly, the other is a backup.
    2) Avoid using debit or ACH, especially online.
    3) Use a system like Mint so that you can easily monitor activity on your cards. If you see any activity that isn't you, be proactive.
    4) Use a service like PayPal whenever possible. A lot of my bills are paid via PayPal. If a card is compromised, expired, whatever, I only have to update one place. Plus it gives me yet another entity to share liability in the event of fraud.

    If you do these things, you're liable for virtually nothing, and the security of your payments is less of a concern. Let the credit card companies deal with it.

    • by ASDFnz ( 472824 )

      This is one reason bitcoin and other digital currencies have difficulty going mainstream. Sure my hardware bitcoin wallet might be 100x more secure than my credit card, but if it gets compromised, I'm screwed. If my credit card gets compromised, I'm merely inconvenienced.

      The thing with that though is that bitcoin just is not vulnerable at all like credit cards. There is no way someone can copy down the details you gave someone else legitimately to make a payment and just start using them to charge up things on your account.

      • Oh I agree, like I said, 100 time more, maybe it's 10,000x more. The exact amount isn't the point. The point is that the question should be "which option is most likely to cause me the least grief?" The answer to that question isn't necessarily "which is the least vulnerable to remote gremlins being bad?" The original question is too focused on that. Your payment system may get compromised ten times, but not cost you a dime. Your Bitcoin or your cash getting compromised once, will most certainly cost you mo

  • by __aaclcg7560 ( 824291 ) on Saturday July 08, 2017 @10:27PM (#54771797)
    A teenager in London got a hold off my debit card number, ordered makeup and bling from a small company in Texas, used a San Francisco storage facility for the billing address, and her actual street address for shipping. The transactions didn't get far as the safeguards came into play with the credit union on my end and PayPal on the vendor's end. I even filed a complaint with London PD. The credit union issued a new debit card and that was that.
    • Re: (Score:2, Funny)

      by lucm ( 889690 )

      A teenager in London got a hold off my debit card number, ordered makeup and bling

      I'm sure that's what you told your mom when she saw your bank statement, but you're not fooling anyone. It's 2017, just assume your crossdressing kink, nobody will judge you for that.

  • by Anonymous Coward

    Limit your financial and inconvenience exposure by
    (1) Closing inactive (i.e., unused 6months) accounts
    (2) Initiating a freeze on new credit applications or existing credit reporting
    (3) Request a Personal Identification Number (PIN) from the IRS to prevent bad guys from filing a fraudulent tax return in your name
    (4) Request your bank to limit the amount of money which can be withdrawn electronically from checking and savings accounts
    (5) Don't use debit cards for electronic transactions
    (6) Always challenge o

    • by lucm ( 889690 )

      Limit your financial and inconvenience exposure by
      (1) Closing inactive (i.e., unused 6months) accounts
      (2) Initiating a freeze on new credit applications or existing credit reporting
      (3) Request a Personal Identification Number (PIN) from the IRS to prevent bad guys from filing a fraudulent tax return in your name
      (4) Request your bank to limit the amount of money which can be withdrawn electronically from checking and savings accounts
      (5) Don't use debit cards for electronic transactions
      (6) Always challenge organizations which request your SSN when establishing an account
      (7) Immediately validate/reconcile your financial statements/transaction reports
      (8) Use challenge questions with responses that few, if anyone, would know the answer
      (9) Take advantage of online businesses which give you the opportunity to receive a separate code on your smart phone, to complete a transaction
      (10) Never respond to an initial online request to provide your identifiers or authenticators

      I don't think you understand what "limiting inconvenience" really means.

  • and get a one time number to use for any specific transaction.

  • if you use a Credit Card. Credit Cards are essentially loans. Swipe a card to buy a coffee and congrats, you just borrowed money. Our consumer protection laws say that you can't be held liable for more than a token sum ($50) if somebody uses a line of credit without your authorization. Hence all of the risk is on the card issuers. In practice they charge various fees (a lot of them to the businesses) to cover these losses. The cost ends up being built into everything you buy online (and a lot of things boug
  • In the US IFF you use a CREDIT card you are only liable for about $50 and most banks wave that. Although banks are always trying to get you to have Debit card I don't and won't have one since it is an open hole to your bank accounts. Debit cards are good for banks, Credit cards are better for everybody else.
  • Don't give your bank account number to anyone to withdraw from directly, online or off. (That includes paypal)

    Instead - use your BANK'S billpay service (almost all banks and CU's offer one), where you enter your bill account number on your bank's service, and then tetll your bank to send payment(s) in the amount you specify on the date you specify, and the biller (nor anyone that hacks their database) never has access to withdraw money from you.

    For services that want a credit card and won't bill you, either

  • Mostly I just don't worry. If there's fraud I won't be liable for anything significant. That said, I also don't want the hassle of replacing cards because somebody's customer database was compromised. So whenever possible I use payment options that don't result in my card info being on file with yet another third party. PayPal, Apple Pay, buying via a marketplace like Amazon, etc. Each time I can pay with one of those methods, it's one less opportunity for my card info to leak out.

  • I've never had a problem with credit cards used for online payments. Sure, they'll get compromised, but half the times my cards were compromised it was through brick-and-mortar merchants whose point-of-sale systems were compromised so online use doesn't look to be any more risky that in-person use. Just make sure to check the charges daily (I use a finance program that automatically downloads new charges every morning, plus it gives an alert on the first charge by a new merchant which is convenient). Consum

  • I use my bank's bill pay system for everything except for two fossil payees to whom I have to mail checks, like we did in the 1900s. These are the ones I have trouble with, because an average of once a year the checks just never get there, even though one is a block away from me.

    This is one area where the Europeans do it better: make everybody use their equivalent to the bank transfer system.

  • Unless you live in some weird arse country that has no rights to dispute payments on a credit card then your CC is probably far safer than using cash. Seems the poster either lives in a very unsafe country or is ignorant of the reality.
  • While nothing is 100% safe online, paying online is much more dangerous for users that aren't smart with their computer before they ever go to buy something.

    With that said, I'd avoid using checking account numbers for online purchases. It is riskier than credit or debit cards because all someone has to do is credit an ACH payment against your routing and account number and the money is withdrawn and gone. At best, you only lose a few hours of your life and deal with the following:

    You have to contact your ba

    • "all someone has to do is credit an ACH payment against your routing and account number and the money is withdrawn and gone."

      In the US at least, your routing and account number are printed on the bottom left of every physical check you write in those odd, but quite human readable, MICR characters. Doesn't give one a warm fuzzy feeling. OTOH, I've never had any problem with ACH based raids on my bank account and have never heard of anyone who has.

  • I never carry cash anymore. I pay-tap everywhere. As to CC transactions, that's payment of last resort. All my bills are paid by direct debit. Not in my list? I get an SMS needed to add. Other transactions, via PayPal if available. Approved by, wait for it, SMS code. Last resort, CC details. They've been hijacked twice, each time reversed withing 18 hours. Get with the times.

  • Way back when I started using MBNA's ShopSafe system for online purchases. BankAmerica bought them and implemented their technology.

    ShopSafe allows you to generate a temporary credit card number that is good from 2 - 12 months, with whatever dollar amount you wish (up to your credit line limit).

    I have a BofA CC that I use exclusively for Internet purchases. The physical card itself is stored in my safe and has never had that account number used, other than the generated ShopSafe numbers.

    I've never had a f

  • I got hacked a couple times, evidently by dumpster divers behind a legit biz in the days of paper CC processing.
    .

    Easy fix, worked ever since:
    Setup a separate account at the bank for online stuff, in my case, with a debit card. Don't keep any real amount of money in the account. Just before clicking the final "check out" or "place my order", log into the bank and transfer just the right amount into the online account.
    That account normally only has a small amount of money in it - $20-$50, which is all t

  • I may be one of the few but I started doing that when the check-printing software I used to use started sucking.

    Either I couldn't find the original install media or that version didn't work on a newer version of Windows, I can't remember. I got their upgraded software but it absolutely sucked if it worked at all. Besides printing your own checks isn't really worth the hassle anyway. My printer has been out of ink for several years now.

    I could pay most of my bills by phone and with a credit card but fir

  • by stereoroid ( 234317 ) on Sunday July 09, 2017 @08:16AM (#54772853) Homepage Journal

    Euro-peon here (Ireland). I use a debit card linked to my current (checking) account for small purchases, and a credit card for online and larger purchases, which I can usually pay off every month unless it's very large. The debit card is touch-enabled, which has some security features built in. Touch purchases are limited to €30 and after three of those you'll be asked to insert the card and enter the PIN - so if the touch system is compromised there's a "stop" on that. As far as I can tell those touch purchases are authorised without checking your current balance, and might not hit your account until days later.

    I have heard of "walk-by" attacks on touch cards here - e.g. one lady I know had €11 taken off her card that was apparently billed to a pay email service on an ISP in New Zealand. Small, one-off charges that the payee might not even notice if they are a heavy user of that card. There are things you can do to avoid that, such as not keeping the card on you in an obvious place such as handbag or back pocket. Or tin foil.

Basic is a high level languish. APL is a high level anguish.

Working...