Thursday, July 29, 2021

Information for David and Others

One of our authors, David Blackard, had his bank account hacked recently; his article gives some of the details. Using electronic payment rather than physical cash has become part of life, so the chances of someone intercepting or rerouting your financial information is a risk every time you pull out your credit/debit card. 

Like David, I don't use credit cards. I tried them many years ago, and the combination of high interest on the balance and my somewhat impulsive nature led to a bad couple of years worth of bills. I pay for things as I go now; it makes my life simpler, and I've learned that saving up for big purchases usually leads to better choices. 

I do however use a debit card or two for online purchases. My main card has alerts set for any purchase made, and I get an email from the bank for every purchase or bill I pay. My bank is a bit slow, so the alerts may take a few hours to show up, but it is an added layer of security.

Debit cards are accepted like credit cards, but the money isn't a loan with interest, but rather it comes out of your bank account. (For those of us over 40, it's like writing a check.) The downside to debit cards is that they are like a checkbook full of blank checks: once someone has access to your card information, they can (but most won't) write as many checks as they want until you realize that you've been compromised. Credit cards generally have protection against unauthorized charges, but debit cards usually don't. 

If you're dealing with a site that looks sketchy, don't use your main debit card for purchases and instead pick up one of the reloadable/prepaid debit cards available at most large stores and banks to limit the amount of damage to which you're exposing yourself. These aren't gift cards, bur rather real debit cards tied to a real bank account, just not your main one. When my son was a teenager, we used a reloadable card (Green Dot) to give him an allowance; it was convenient for him and did away with cash that could be lost or stolen. Keeping a card with $100 or so on it makes questionable purchases a little more secure, and it's not tied to any of your other accounts. 

David also mentioned Google Pay and Apple Pay, but didn't know much about them. I've used Goodle Pay for a while; it's not as readily accepted in rural areas, but I can use it at fast food and other chain stores. Both systems link to at least one of your debit or credit cards and use Near Field Communication (NFC) to "talk" to the cash registers. NFC is a very short-range radio signal (the range is measured in inches) so intercepting the data is difficult. 

Google and Apple also both use an anonymizing system called "tokenization" to transfer money, so your card numbers are never given to the vendor. The "token" is a string of data that leads back to the system that generated it, so it isn't encrypted but is a replacement for the card data. There is no relation between the real data and the token, so there is no way to reverse or crack it without access to the system that created the token. Google Pay requires a screen lock as a security feature -- you have to unlock your phone or re-enter the unlock before you can use it, and disabling the screen lock will delete the Google Pay information. 

You can also use either system to send or receive money to/from friends and family via email. Several apps, like Lyft and AirBnB, offer them as an option at checkout. Both companies will gather purchase information and use it as they see fit to tailor ads to you and do other things. Neither company has a stellar reputation, but they do a fair job with data security. 

I try to minimize risks where I can and my money is one of those important areas that is difficult to lock down. Cash is great, but is easy to steal and not always convenient to carry. Electronic payment systems rely on telephone and internet access, so they're not as secure and don't have 100% uptime like cash, and have become part of life now. My philosophy is that I only own that which I can hold, so the digital money is there (for now) to be used but not relied upon. 

1 comment:

The Fine Print

This work is licensed under a Creative Commons Attribution- Noncommercial- No Derivative Works 3.0 License.

Creative Commons License

Erin Palette is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to