Online purchases are up and Cyber Monday sales were strong, which is good news for ecommerce merchants. But these merchants still face a significant challenge: protecting against data breaches, particularly when credit card information is stolen.
Credit card fraud increased 40 percent in 2016, according to one report, with a cost to consumers of approximately $16 billion. There may never be a guaranteed way to thwart hackers. But a few start-ups have come up with a solution to reduce, if not eliminate, the problem. Their idea? Disposable credit cards.
“It’s a way of muddying the waters,” said Boling Jiang, chief executive of New York payments start-up Pay With Privacy in this Los Angeles Times report. “Fraudsters get these numbers, but they’re useless.”
The concept is simple. Jiang’s service allows people to generate as many “virtual cards” as they want – each with their own number (there are 10 quadrillion possible 16-digit combinations) that are tied to their bank account. Each virtual card comes with its own security code and user-assigned expiration trigger. A trigger, for instance, could be set to go off after the card is used once, or after a certain dollar amount is reached. Or the cards can be targeted for use at just a single merchant.
The concept isn’t exactly new. Some financial institutions tried it before but didn’t commit. More recently, the chip-cards we use today include enhanced security that is built on the ability to generate a single user “token” for each transaction. That’s all well and good for transactions that are in-store. But the security feature is useless for the online purchases many of us are doing, unless you’re using mobile apps from Apple, Google and PayPal.
Jiang’s firm is competing in a crowded space of start-ups that all offer their services free to consumers and make their money by taking a percentage of the transaction fees generated (remember – they’re helping financial institutions reduce their fraud costs). Many of these companies also issue their own debit cards and are able to earn interest on deposits. Another handy feature is that the products, which are managed through mobile apps, allow customers to individually cancel subscriptions just by simply de-activating a virtual card.
Some question whether the cards are necessary, given that federal laws pretty much insulate consumers from any liabilities caused by fraud. The companies answer yes, because their products are providing a valuable solution to the biggest problem created by credit card fraud: our time. Who wants to deal with the aggravation of reporting an incident, cancelling cards and getting new cards issued, right? Not me.
Special To The Washington Post · Gene Marks