• Caveman@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    3 months ago

    As a sidenote here I have a different issue where handing people your CC info is basically handing out the private keys to your bank account to a third party.

    I’d really like it if a credit card would use a public key system where you can verify that I have the funds and that the payment originates from the payment provider instead of getting my full CC details. I don’t really see why it’s necessary for a business to know who I am instead of just getting a green light from Mastercard or Visa to make the payment.

    • chiliedogg@lemmy.world
      link
      fedilink
      arrow-up
      6
      ·
      3 months ago

      Aren’t cellphone NFC payment essentially a long-form version of this? As far as the machine is concerned they’re getting your CC info, but Google/Samsung/Apple Pay are acting as a middleman and your actual credit card information is never actually shared.

      • Caveman@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        3 months ago

        Yeah, it has it’s perks but my NFC stops working on a regular basis. Also I don’t like having my payments go through a spyware conglomerate.

      • tmpodMA
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        As far as I know, modern cards don’t just send your CC info to terminals, they do some form of a cryptographic handshake (probably a pubkey signature or similar) which gets confirmed by your bank. I believe Caveman was talking more about online shopping, where you have to enter your card number, expiration date, CVC and often your name too.

        • chiliedogg@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          3 months ago

          I’ve run across a few sites that allow me to check out entirely through Google Pay or PayPal, but not many. I still don’t love the info going through Google, but at this point they already have all my information, so it doesn’t really make much of a difference at this point.

          And of course for anything that needs to be shipped they are going to need a name and shipping address.

          I would like to seeegally mandatory “guest checkout” options with protections on data use. They’ll need to keep some kind of invoice/receipt of the transaction, but it should be illegal to use it for any other purposes than order/purchase tracking for guest accounts.

    • tmpodMA
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      3 months ago

      That’s why I love virtual card systems like MB NET. You just generate a random virtual card for every purchase (or a recurring one for each subscription vendor, for example) and move on. Your bank still knows what you’re doing, of course, but vendors can’t correlate anything. Preventing your bank from knowing where you’re spending your money is much harder, for very practical reasons: fraud detection. The only real way is to use a secure crypto coin like Monero, but very few places accept it and you still have to deal with volatility.

      • Caveman@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        3 months ago

        I think crypto has a lot of potential in this space. You can effectively have a wallet with cash that requires 2 factor auth to make the transaction that is anonymous in both directions.

    • wuphysics87@lemmy.mlOP
      link
      fedilink
      arrow-up
      1
      ·
      3 months ago

      This is my biggest issue too. In the ideal situation, I “trust” my bank. What I have an issue with is whenever I buy something it becomes part of the “public space” of data brokers. Maybe they only trade information on what my breakfast cereal of choice is. More (most definitely) likely is that everything I buy is there for any third party to see