Is there something similar to privacy.com in Europe so I don’t have to enter my credit card information everywhere? Or another way to buy stuff online privately on many different stores and websites?

  • FierySpectre@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    5 months ago

    What I use for such sites is a frozen card which I only unfreeze after setting a limit for my exact purchase amount. Pay, freeze again for the next time.

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      5 months ago

      My bank will assign cards to specific accounts and only draw payments with that card from that account. And they let you make multiple cards and multiple accounts, naturally.

      So for me the easy solution is to simply not keep money in that account (because it’s a debit account and will simply refuse payments when there’s no money).

      The other simple solution is the fact that the bank also lists the tokens currently associated with each card, and lets you remove them. Once the token is gone the website has to ask for explicit permission again.

      For those not familiar, nowadays websites can no longer store actual CC details (it’s a huge compliance violation) and in fact they never even get to see the CC details anymore. You enter the CC details on the processor’s page (which is a separate entity), they send them to your bank, the bank verifies them, asks for a 2FA confirmation from you, and if everything checks out they issue a token to the website.

      The token can be good for a one time payment, or for recurring payments. If it’s a recurring token my bank will list it next to the card involved and let me revoke it. The website can use the token for as long as it’s still listed – if I delete it they have to ask for a new one.

      I suspect that this is the main shortcoming of Revolut’s one-time cards, they issue one-time tokens (naturally) and it’s easy for the website to see that it’s not a recurring one.

      Edit: I should also mention that in the EU this token mechanism is NOT used for utilities. For utilities (and for other EU recurring payments) there’s a similar but explicitly separate mechanism called SEPA. It’s similar in the sense you can set up the payments and you see them listed next to your account, you can revoke them at any time, they also use a tokenization system, but they draw directly from an account, there’s no CC involved and no CC processors, it’s a system that works directly between EU banks.